CSR Review Request JDK-816826, Use server cipher suites preference by default
Xuelei Fan
xuelei.fan at oracle.com
Mon Feb 25 17:36:13 UTC 2019
Hi,
Could I have the following CSR reviewed?
https://bugs.openjdk.java.net/browse/JDK-8219657
It is proposing to use server cipher suite preference by default for TLS
connections in JDK. In the current implementation, the server honors the
client cipher suite preference by default. It is easier to maintain if
using the server cipher suite preference, and then the server can have
more control over the security parameters of TLS connections.
I think the compatibility impact should be minimal. If there is a known
risk for you, please let me know by the end of March 4, 2019.
Thanks,
Xuelei
More information about the security-dev
mailing list