CSR Review Request JDK-816826, Use server cipher suites preference by default

Xuelei Fan xuelei.fan at oracle.com
Mon Feb 25 17:36:13 UTC 2019


Hi,

Could I have the following CSR reviewed?
    https://bugs.openjdk.java.net/browse/JDK-8219657

It is proposing to use server cipher suite preference by default for TLS 
connections in JDK. In the current implementation, the server honors the 
client cipher suite preference by default. It is easier to maintain if 
using the server cipher suite preference, and then the server can have 
more control over the security parameters of TLS connections.

I think the compatibility impact should be minimal.  If there is a known 
risk for you, please let me know by the end of March 4, 2019.

Thanks,
Xuelei


More information about the security-dev mailing list