Details
-
Enhancement
-
Status: Resolved
-
P3
-
Resolution: Fixed
-
None
-
b22
Description
Disable DTLS 1.0 by default. This version of DTLS has weakened over time and lacks support for stronger cipher suites. DTLS 1.0 correlates with version 1.1 of TLS which has already been disabled by default in JDK 16. The IETF has deprecated this version of DTLS (along with TLS 1.0 and 1.1) in RFC 8996: https://www.rfc-editor.org/rfc/rfc8996.html
Attachments
Issue Links
- csr for
-
JDK-8280507 Disable DTLS 1.0
-
- Closed
-
- relates to
-
JDK-8301381 Verify DTLS 1.0 cannot be negotiated
-
- Resolved
-
-
JDK-8296820 Add implementation note to SSLContext.getInstance noting subsequent behavior if protocol is disabled
-
- Open
-
-
JDK-8202343 Disable TLS 1.0 and 1.1
-
- Resolved
-
(1 links to)
1.
|
Release Note: Disabled DTLS 1.0 |
|
Resolved | Sean Mullan |