Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8256660

Disable DTLS 1.0

    XMLWordPrintable

Details

    Description

      Disable DTLS 1.0 by default. This version of DTLS has weakened over time and lacks support for stronger cipher suites. DTLS 1.0 correlates with version 1.1 of TLS which has already been disabled by default in JDK 16. The IETF has deprecated this version of DTLS (along with TLS 1.0 and 1.1) in RFC 8996: https://www.rfc-editor.org/rfc/rfc8996.html

      Attachments

        Issue Links

          csr for

          CSR - null JDK-8280507 Disable DTLS 1.0

          • P3 - Major loss of function.
          • Closed
          relates to

          Enhancement - null JDK-8301381 Verify DTLS 1.0 cannot be negotiated

          • P4 - Minor loss of function, or other problem where easy workaround is present.
          • Resolved

          Enhancement - null JDK-8296820 Add implementation note to SSLContext.getInstance noting subsequent behavior if protocol is disabled

          • P3 - Major loss of function.
          • Open

          Enhancement - null JDK-8202343 Disable TLS 1.0 and 1.1

          • P2 - Crashes, loss of data, severe memory leak.
          • Resolved
          links to

          Commit Commit openjdk/jdk/16744b34

          Review Review openjdk/jdk/10905

          Activity

            People

              mullan Sean Mullan
              mullan Sean Mullan
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: