-
Sub-task
-
Resolution: Delivered
-
P3
-
6u211, 7u201, 8u191, 11.0.1, 12
-
Verified
Issue | Fix Version | Assignee | Priority | Status | Resolution | Resolved In Build |
---|---|---|---|---|---|---|
JDK-8210105 | 11.0.1 | Clifford Wayne | P3 | Closed | Delivered | |
JDK-8210475 | 8u191 | Clifford Wayne | P3 | Closed | Delivered | |
JDK-8210104 | 7u201 | Clifford Wayne | P3 | Closed | Delivered | |
JDK-8210103 | 6u211 | Clifford Wayne | P3 | Closed | Delivered |
DES-based TLS cipher suites are considered obsolete and should no longer be used. DES-based cipher suites have been deactivated by default in the SunJSSE implementation by adding the "DES" identifier to the `jdk.tls.disabledAlgorithms` security property. These cipher suites can be reactivated by removing "DES" from the `jdk.tls.disabledAlgorithms` security property in the `java.security` file or by dynamically calling the `Security.setProperty()` method. In both cases re-enabling DES must be followed by adding DES-based cipher suites to the enabled cipher suite list using the `SSLSocket.setEnabledCipherSuites()` or `SSLEngine.setEnabledCipherSuites()` methods.
Note that prior to this change, DES40_CBC (but not all DES) suites were disabled via the `jdk.tls.disabledAlgorithms` security property.
Note that prior to this change, DES40_CBC (but not all DES) suites were disabled via the `jdk.tls.disabledAlgorithms` security property.
- backported by
-
JDK-8210103 Release Note: Disabled All DES TLS Cipher Suites
- Closed
-
JDK-8210104 Release Note: Disabled All DES TLS Cipher Suites
- Closed
-
JDK-8210105 Release Note: Disabled All DES TLS Cipher Suites
- Closed
-
JDK-8210475 Release Note: Disabled All DES TLS Cipher Suites
- Closed