RFR: 8163327: Remove 3DES from the default enabled cipher suites list

Sean Mullan mullan at openjdk.java.net
Mon Mar 21 19:49:08 UTC 2022


This fix removes obsolete and deprecated 3DES cipher suites from the default enabled cipher suites list of the SunJSSE provider implementation. 

Note that 3DES suites are already disabled by default via the `jdk.tls.disabledAlgorithms` security property.  This change goes one step further and provides an extra level of defense by making them unavailable by default.  See the CSR for more details: https://bugs.openjdk.java.net/browse/JDK-8283450

-------------

Commit messages:
 - Initial revision.

Changes: https://git.openjdk.java.net/jdk/pull/7894/files
 Webrev: https://webrevs.openjdk.java.net/?repo=jdk&pr=7894&range=00
  Issue: https://bugs.openjdk.java.net/browse/JDK-8163327
  Stats: 137 lines in 4 files changed: 83 ins; 35 del; 19 mod
  Patch: https://git.openjdk.java.net/jdk/pull/7894.diff
  Fetch: git fetch https://git.openjdk.java.net/jdk pull/7894/head:pull/7894

PR: https://git.openjdk.java.net/jdk/pull/7894



More information about the security-dev mailing list