-
Backport
-
Resolution: Delivered
-
P3
-
8u311
The default priority order of the cipher suites for TLS 1.0 to TLS 1.3 has been adjusted.
For TLS 1.3, TLS_AES_256_GCM_SHA384 is now preferred over TLS_AES_128_GCM_SHA256.
For TLS 1.0 to TLS 1.2, some of the intermediate suites have been lowered in priority as follows:
- Cipher suites that do not preserve forward secrecy have been moved lower in priority than those that do support forward secrecy
- Cipher suites that use SHA-1 have been moved lower in priority
For TLS 1.3, TLS_AES_256_GCM_SHA384 is now preferred over TLS_AES_128_GCM_SHA256.
For TLS 1.0 to TLS 1.2, some of the intermediate suites have been lowered in priority as follows:
- Cipher suites that do not preserve forward secrecy have been moved lower in priority than those that do support forward secrecy
- Cipher suites that use SHA-1 have been moved lower in priority
- backport of
-
-
- Closed
-