RFR: 8340321: Disable SHA-1 in TLS/DTLS 1.2 handshake signatures
Sean Mullan
mullan at openjdk.org
Fri Apr 4 17:21:58 UTC 2025
On Tue, 1 Apr 2025 20:53:01 GMT, Artur Barashev <abarashev at openjdk.org> wrote:
> Disable SHA-1 in TLS/DTLS 1.2 handshake signatures (but not in certificate signatures).
> https://www.rfc-editor.org/rfc/rfc9155.html
test/jdk/sun/security/ssl/SignatureScheme/DisableSHA1inHandshakeSignatureTLS12.java line 28:
> 26: * @bug 8340321
> 27: * @summary Disable SHA-1 in TLS/DTLS 1.2 signatures.
> 28: * This test only covers TLS 1.2.
What about TLS 1.3? Do we never include sha1 signature mechanisms?
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/24367#discussion_r2029178689
More information about the security-dev
mailing list