Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8256660

Disable DTLS 1.0

    XMLWordPrintable

Details

    Backports

      Description

        Disable DTLS 1.0 by default. This version of DTLS has weakened over time and lacks support for stronger cipher suites. DTLS 1.0 correlates with version 1.1 of TLS which has already been disabled by default in JDK 16. The IETF has deprecated this version of DTLS (along with TLS 1.0 and 1.1) in RFC 8996: https://www.rfc-editor.org/rfc/rfc8996.html

        Attachments

          Issue Links

            backported by

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8326020 Disable DTLS 1.0

            • P3 - Major loss of function.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8326021 Disable DTLS 1.0

            • P3 - Major loss of function.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8327808 Disable DTLS 1.0

            • P3 - Major loss of function.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8330358 Disable DTLS 1.0

            • P3 - Major loss of function.
            • Resolved
            csr for

            CSR - null JDK-8280507 Disable DTLS 1.0

            • P3 - Major loss of function.
            • Closed
            relates to

            Enhancement - null JDK-8301381 Verify DTLS 1.0 cannot be negotiated

            • P4 - Minor loss of function, or other problem where easy workaround is present.
            • Resolved

            Enhancement - null JDK-8296820 Add implementation note to SSLContext.getInstance noting subsequent behavior if protocol is disabled

            • P3 - Major loss of function.
            • Open

            Enhancement - null JDK-8202343 Disable TLS 1.0 and 1.1

            • P2 - Crashes, loss of data, severe memory leak.
            • Resolved
            links to

            Commit Commit openjdk/jdk11u-dev/b39a4d24

            Commit Commit openjdk/jdk17u-dev/dd94e203

            Commit Commit openjdk/jdk/16744b34

            Review Review openjdk/jdk11u-dev/2584

            Review Review openjdk/jdk17u-dev/2272

            Review Review openjdk/jdk/10905

            Activity

              People

                mullan Sean Mullan
                mullan Sean Mullan
                Votes:
                0 Vote for this issue
                Watchers:
                6 Start watching this issue

                Dates

                  Created:
                  Updated:
                  Resolved: