RFR: 8256660: Disable DTLS 1.0
Xue-Lei Andrew Fan
xuelei at openjdk.org
Fri Oct 28 17:31:26 UTC 2022
On Fri, 28 Oct 2022 17:00:12 GMT, Sean Mullan <mullan at openjdk.org> wrote:
> Disable DTLS 1.0 by default. This version of DTLS has weakened over time and lacks support for stronger cipher suites. DTLS 1.0 correlates with version 1.1 of TLS which has already been disabled by default in JDK 16. The IETF has deprecated this version of DTLS (along with TLS 1.0 and 1.1) in RFC 8996: https://www.rfc-editor.org/rfc/rfc8996.html.
>
> CSR: https://bugs.openjdk.org/browse/JDK-8280507
Looks good to me.
-------------
Marked as reviewed by xuelei (Reviewer).
PR: https://git.openjdk.org/jdk/pull/10905
More information about the security-dev
mailing list