[15] RFR: 8238560: Cleanup and consolidate algorithms in the jdk.tls.legacyAlgorithms security property

Xuelei Fan xuelei.fan at oracle.com
Thu Feb 20 16:43:54 UTC 2020


Thanks for the cleanup.  I added myself as reviewer for the CSR, and the 
webrev looks fine to me.

Xuelei

On 2/20/2020 5:01 AM, Sean Mullan wrote:
> Please review this change to cleanup and consolidate the default value 
> of the jdk.tls.legacyAlgorithms security property. The following changes 
> have been made:
> 
> 1. Changed K_NULL, C_NULL, M_NULL to NULL, which will cover all null 
> cipher suites. The *_NULL algorithms were implementation details and not 
> compliant with the specification of the property.
> 
> 2. Changed DH_anon, ECDH_anon to anon, which will cover all cipher 
> suites using anonymous authentication.
> 
> 3. Changed RC4_128, RC4_40 to RC4, which will cover all cipher suites 
> using RC4 for encryption.
> 
> 4. Changed DES_CBC, DES40_CBC to DES, which will cover all cipher suites 
> using DES for encryption.
> 
> I also added a new regression test.
> 
> CSR: https://bugs.openjdk.java.net/browse/JDK-8239377
> webrev: http://cr.openjdk.java.net/~mullan/webrevs/8238560/webrev.00/
> 
> Thanks,
> Sean


More information about the security-dev mailing list