Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8163326

Update the default enabled cipher suites preference

    XMLWordPrintable

Details

    Backports

      Description

        At present, the SunJSSE provider prefers the better performance of key exchange and digital signature algorithm, in the order of ECDHE-ECDSA, ECDHE-RSA, RSA, ECDH-ECDSA, ECDH-RSA, DHE-RSA, DHE-DSS.

        Forward secrecy should be preferable first. If the DHE ephemeral key limitation get resolved, the order should be changed to ECDHE-ECDSA, ECDHE-RSA, DHE-RSA, DHE-DSS, ECDH-ECDSA, ECDH-RSA, RSA.

        Attachments

          Issue Links

            Activity

              People

                xuelei Xuelei Fan
                xuelei Xuelei Fan
                Votes:
                0 Vote for this issue
                Watchers:
                6 Start watching this issue

                Dates

                  Created:
                  Updated:
                  Resolved: