8245545: TLS_RSA roadmap

Sean Mullan sean.mullan at oracle.com
Thu Feb 27 19:57:27 UTC 2025


Hi Bernd,

On 2/27/25 11:24 AM, Bernd wrote:
> Hello,
> 
> Just noticed you plan to disable TLS_RSA ciphers in 2026. I wonder there 
> are some Legacy entries which are both disabled and marked as Legacy, 
> but some are only disabled.
> 
> Is there a plan to this? I would expect TLS_RSA to be more likely to be 
> re-enabled, so maybe it should be delivered on the Legacy List as well - 
> or does that not work?

I think you mean adding it to the "jdk.tls.legacyAlgorithms" security 
property?

Right now, all of the TLS_RSA suites are listed lowest in priority by 
default (meaning they are only negotiated if there are no stronger 
candidates), so adding it to that property would not have any effect. 
However, adding them to the property may make sense in case someone 
tries to use a different order using the JSSE system properties. So let 
me look into that more first to see if it has any benefit.

> In a similar fashion, MD5 seems to be missing (and maybe the only alg 
> which makes sense to put on the List while not disabled yet, SHA(1)?

This property is more at the cipher suite level. That said, it may be 
worth enhancing it to cover signature mechanisms, so I'll look into that 
some more.

> BTW maybe not related to OpenJDK, but on the Crypto Roadmap of Oracle 
> TLS_RSA is listed as planned for (only) 2026, but it does not set list 
> 24 even though in OpenJDK it’s already committed (that would be ok if 
> not in the same table 24 is listed for CA Camerfirma). Does that mean the 
> initial Oracle Release of 24 will have it enabled? What about 25?

Yes, 24 will have TLS_RSA suites disabled by default. The first line of 
the More Information link currently says:

"This change will be implemented in a feature release prior to being 
backported to earlier LTS releases."

Once JDK 24 is released, we will update this to say:

"This change has already been made in JDK 24 and later releases."

--Sean

[1] https://www.java.com/en/configure_crypto.html#DisableTLS_RSA
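
An added example, not part of the original message and not OpenJDK code: a small Java check that reports whether the running JDK still enables TLS_RSA suites by default, whether they sit last in the default order, and which entries of the `jdk.tls.disabledAlgorithms` and `jdk.tls.legacyAlgorithms` security properties name them. The class name `TlsRsaAudit` and its helper methods are hypothetical.

```java
import java.security.Security;
import java.util.ArrayList;
import java.util.List;
import javax.net.ssl.SSLContext;

// Added example, not OpenJDK code: reports how the running JDK treats TLS_RSA suites.
public class TlsRsaAudit {

    // Static-RSA key exchange suites are named TLS_RSA_WITH_*; ECDHE_RSA and DHE_RSA do not match.
    static boolean isTlsRsa(String name) {
        return name.startsWith("TLS_RSA_");
    }

    // Entries of a comma-separated security property that name TLS_RSA suites (literal or pattern).
    static List<String> tlsRsaEntries(String property) {
        List<String> hits = new ArrayList<>();
        String value = Security.getProperty(property);
        if (value == null) return hits;   // property not set in this JDK
        for (String entry : value.split(",")) {
            if (isTlsRsa(entry.trim())) hits.add(entry.trim());
        }
        return hits;
    }

    // True if no other suite follows a TLS_RSA suite. The renegotiation SCSV is a
    // signalling value, not a real suite, so it is skipped.
    static boolean tlsRsaLast(String[] suites) {
        boolean seenRsa = false;
        for (String s : suites) {
            if (s.endsWith("_SCSV")) continue;
            if (isTlsRsa(s)) seenRsa = true;
            else if (seenRsa) return false;
        }
        return true;
    }

    public static void main(String[] args) throws Exception {
        String[] enabled = SSLContext.getDefault().getDefaultSSLParameters().getCipherSuites();
        List<String> enabledRsa = new ArrayList<>();
        for (String s : enabled) if (isTlsRsa(s)) enabledRsa.add(s);

        System.out.println("TLS_RSA suites enabled by default: " + enabledRsa);
        System.out.println("TLS_RSA suites lowest in priority: " + tlsRsaLast(enabled));
        System.out.println("jdk.tls.disabledAlgorithms entries: " + tlsRsaEntries("jdk.tls.disabledAlgorithms"));
        System.out.println("jdk.tls.legacyAlgorithms entries:   " + tlsRsaEntries("jdk.tls.legacyAlgorithms"));
    }
}
```

Running it on each JDK in a fleet shows which runtimes would still negotiate a TLS_RSA suite with a peer that offers nothing stronger.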


