RFR: 8202343: Disable TLS 1.0 and 1.1

Sean Mullan mullan at openjdk.java.net
Mon Nov 16 20:24:09 UTC 2020


This change disables the TLSv1 and TLSv1.1 protocols by adding them to the jdk.tls.disabledAlgorithms security property in the java.security file. These protocols use weak algorithms and are being deprecated by the IETF. They should be disabled by default to improve the default security configuration of the JDK. See the CSR for more rationale: https://bugs.openjdk.java.net/browse/JDK-8254713

-------------

Commit messages:
 - 8202343: Disable TLS 1.0 and 1.1
 - 8202343: Disable TLS 1.0 and 1.1

Changes: https://git.openjdk.java.net/jdk/pull/1235/files
 Webrev: https://webrevs.openjdk.java.net/?repo=jdk&pr=1235&range=00
  Issue: https://bugs.openjdk.java.net/browse/JDK-8202343
  Stats: 393 lines in 20 files changed: 269 ins; 97 del; 27 mod
  Patch: https://git.openjdk.java.net/jdk/pull/1235.diff
  Fetch: git fetch https://git.openjdk.java.net/jdk pull/1235/head:pull/1235

PR: https://git.openjdk.java.net/jdk/pull/1235



More information about the security-dev mailing list