Loading...

XML

Word

Printable

Type: Enhancement
Resolution: Fixed
Priority: P3
Fix Version/s: 20
Affects Version/s: None
Component/s: security-libs
Labels:

Subcomponent:
javax.net.ssl
Resolved In Build:
b22

Issue	Fix Version	Assignee	Priority	Status	Resolution	Resolved In Build
JDK-8326021	17.0.12-oracle	Prasadarao Koppula	P3	Resolved	Fixed	b01
JDK-8327808	17.0.12	Goetz Lindenmaier	P3	Resolved	Fixed	b01
JDK-8326020	11.0.24-oracle	Prasadarao Koppula	P3	Resolved	Fixed	b01
JDK-8330358	11.0.24	Goetz Lindenmaier	P3	Resolved	Fixed	b01

Disable DTLS 1.0 by default. This version of DTLS has weakened over time and lacks support for stronger cipher suites. DTLS 1.0 correlates with version 1.1 of TLS which has already been disabled by default in JDK 16. The IETF has deprecated this version of DTLS (along with TLS 1.0 and 1.1) in RFC 8996: https://www.rfc-editor.org/rfc/rfc8996.html

backported by

JDK-8326020 Disable DTLS 1.0

Resolved

JDK-8326021 Disable DTLS 1.0

Resolved

JDK-8327808 Disable DTLS 1.0

Resolved

JDK-8330358 Disable DTLS 1.0

Resolved

csr for

JDK-8280507 Disable DTLS 1.0

Closed

relates to

JDK-8301381 Verify DTLS 1.0 cannot be negotiated

Resolved

JDK-8296820 Add implementation note to SSLContext.getInstance noting subsequent behavior if protocol is disabled

Open

JDK-8202343 Disable TLS 1.0 and 1.1

Resolved

links to

Commit openjdk/jdk11u-dev/b39a4d24

Commit openjdk/jdk17u-dev/dd94e203

Commit openjdk/jdk/16744b34

Review openjdk/jdk11u-dev/2584

Review openjdk/jdk17u-dev/2272

Review openjdk/jdk/10905

(3 relates to, 6 links to)

There are no Sub-Tasks for this issue.

Assignee:: Sean Mullan
Reporter:: Sean Mullan
Votes:: 0 Vote for this issue
Watchers:: 6 Start watching this issue

Created:: 2020-11-19 06:34
Updated:: 2024-04-16 05:04
Resolved:: 2022-10-31 09:50

Details

Backports

Description

Attachments

Issue Links

Sub-Tasks

Activity

People

Dates