Loading...

XML

Word

Printable

Type: Enhancement
Resolution: Fixed
Priority: P2
Fix Version/s: 9
Affects Version/s: 6, 7, 8, 9
Component/s: security-libs
Labels:

Subcomponent:
javax.net.ssl
Resolved In Build:
b127
Verification:
Verified

Issue	Fix Version	Assignee	Priority	Status	Resolution	Resolved In Build
JDK-8169147	8u152	Sean Coffey	P2	Resolved	Fixed	b01
JDK-8167875	emb-8u121	Sean Coffey	P2	Resolved	Fixed	b01
JDK-8175450	openjdk7u	Sean Coffey	P2	Resolved	Fixed	master

Per NIST SP 800-57, EC curves less than 224 should be disallowed since 2013, and curves less than 256 should be disallowed since 2030.

As EC usage in TLS is relative new, almost all TLS implementations default to the NIST P-256 or stronger curves. Disable curves less than 256 bits should cause no issues.

backported by

JDK-8167875 Increase the minimum strength of EC keys

Resolved

JDK-8169147 Increase the minimum strength of EC keys

Resolved

JDK-8175450 Increase the minimum strength of EC keys

Resolved

relates to

JDK-8161232 AsyncSSLSocketClose.java test fails timeout.

Resolved

JDK-8177071 typo in test DisabledAlgorithms.java

Closed

JDK-8166362 [TEST_BUG] test sun/net/www/http/HttpClient/B8025710.java failing with cert error in 8u121 b01

Resolved

JDK-8173783 IllegalArgumentException: jdk.tls.namedGroups

Closed

JDK-8167472 Chrome interop regression with JDK-8148516

Closed

JDK-8176479 javax.net.ssl.SSLHandshakeException: Unsupported curveId: 21

Closed

(4 relates to)

1.	Release Note: Improve the default strength of EC in JDK.		Closed	Xuelei Fan
2.	Release Note: IllegalArgumentException from TLS handshake		Closed	Sean Coffey

Assignee:: Vivek Theeyarath (Inactive)

Reporter:: Xuelei Fan

Votes:: 0 Vote for this issue

Watchers:: 11 Start watching this issue

Due:: 2016-07-30

Created:: 2016-01-28 15:59

Updated:: 2018-05-09 00:30

Resolved:: 2016-07-08 22:58

Details

Backports

Description

Attachments

Issue Links

Sub-Tasks

Activity

People

Dates