-
Enhancement
-
Resolution: Fixed
-
P3
-
None
-
b23
| Issue | Fix Version | Assignee | Priority | Status | Resolution | Resolved In Build |
|---|---|---|---|---|---|---|
| JDK-8330757 | 17.0.13-oracle | Nibedita Jena | P3 | Resolved | Fixed | b01 |
| JDK-8333998 | 17.0.13 | Martin Doerr | P3 | Resolved | Fixed | b01 |
| JDK-8330758 | 11.0.25-oracle | Nibedita Jena | P3 | Resolved | Fixed | b01 |
| JDK-8334194 | 11.0.25 | Martin Doerr | P3 | Resolved | Fixed | b01 |
| JDK-8334296 | openjdk8u432 | Zdenek Zambersky | P3 | Resolved | Fixed | b01 |
| JDK-8330759 | 8u431 | Nibedita Jena | P3 | Resolved | Fixed | b01 |
Some TLS_ECDH_* cipher suites are already disabled because they use 3DES, RC4, anon, or NULL, which are disabled. This action will disable all remaining ECDH cipher suites.
[1] https://www.ietf.org/archive/id/draft-ietf-uta-rfc7525bis-11.html#name-general-guidelines (see 6th bullet starting with "Implementations SHOULD NOT negotiate cipher suites based on non-ephemeral (static) finite-field Diffie-Hellman key agreement.")
- backported by
-
JDK-8330757 Disable TLS_ECDH_* cipher suites
-
- Resolved
-
-
-
- Resolved
-
-
-
- Resolved
-
-
-
- Resolved
-
-
-
- Resolved
-
-
-
- Resolved
-
- csr for
-
JDK-8296300 Disable TLS_ECDH_* cipher suites
-
- Closed
-
- relates to
-
-
- Resolved
-
-
JDK-8337230 Update JSSE security and system properties in Customizing JSSE
-
- Resolved
-
- links to
-
Commit
openjdk/jdk8u-dev/b1e2ea81
-
Commit
openjdk/jdk11u-dev/5dddf693
-
Commit
openjdk/jdk17u-dev/7bc22f7c
-
Commit
openjdk/jdk/00d22f60
-
Review
openjdk/jdk8u-dev/519
-
Review
openjdk/jdk11u-dev/2763
-
Review
openjdk/jdk17u-dev/2559
-
Review
openjdk/jdk/10969