[External] : Disabled TLS_RSA

[Sean Mullan]

On 2/24/26 8:25 AM, ecki wrote:
> With the January Update we disabled the nonˋforward TLS_RSA ciphers, 
> which Potentials would Interrup Communication with some of our Customers 
> Partners (as expected). We therefore recommend those customers to re- 
> enable it. However what I noticed
> With the January Update we disabled the nonˋforward TLS_RSA ciphers, 
> which Potentials would  Interrup Communication with some of our 
> Customers Partners (as expected).
> 
>   We therefore recommend those customers to re-enable it. However what I 
> noticed is, that it is not (also) in the Legacy List (like some other 
> disabled ciphers). I suspect it already has lower priority, but would it 
> make sense to add it also to the Legacy ciphers?

We could but it actually wouldn't have any direct impact since those 
suites are already the lowest in priority.
> 
> BTW unlike other options the Oracle Crypto Roadmap seems to not have a 
> description how to re-enable it (I mean it is failry obvious, but given 
> It’s damage potential I would have thought it’s spelled out anyway)

More recently, we don't include specific instructions to re-enable it as 
it is usually just the reverse of the instructions for testing. However, 
the current instructions don't list the TLS_RSA wildcard (since support 
for that was added after the Crypto Roadmap action for the disabling), 
so that should be updated, and I'll file an issue to get that corrected.

--Sean