RFR: 8256660: Disable DTLS 1.0

Bradford Wetmore wetmore at openjdk.org
Fri Oct 28 22:34:19 UTC 2022


On Fri, 28 Oct 2022 17:00:12 GMT, Sean Mullan <mullan at openjdk.org> wrote:

> Disable DTLS 1.0 by default. This version of DTLS has weakened over time and lacks support for stronger cipher suites. DTLS 1.0 correlates with version 1.1 of TLS which has already been disabled by default in JDK 16. The IETF has deprecated this version of DTLS (along with TLS 1.0 and 1.1) in RFC 8996: https://www.rfc-editor.org/rfc/rfc8996.html.
> 
> CSR: https://bugs.openjdk.org/browse/JDK-8280507

LGTM, also.

Took a bit to figure out 1352, but got it now.

-------------

Marked as reviewed by wetmore (Reviewer).

PR: https://git.openjdk.org/jdk/pull/10905


More information about the security-dev mailing list