-
Enhancement
-
Resolution: Fixed
-
P3
-
None
-
b06
- Add TLSv1.3 to the list of requirements. TLSv1.3 is the most secure protocol version and is in wide use. Add all cryptographic algorithms that are needed to implement the TLSv1.3 cipher suites and signature mechanisms that are defined by https://www.rfc-editor.org/rfc/rfc8446 as MUST or SHOULD requirements.
- Add the algorithms that are required by CNSA 1.0. CNSA 1.0 support was added in JDK 19: https://bugs.openjdk.org/browse/JDK-8267319.
No required algorithms or protocols are being removed at this time.
[1] https://docs.oracle.com/en/java/javase/23/docs/specs/security/standard-names.html#security-algorithm-implementation-requirements
- csr for
-
JDK-8346684 Add TLSv1.3 and CNSA 1.0 algorithms to implementation requirements
-
- Closed
-
- relates to
-
JDK-5001004 Required Security Algorithms need to be defined
-
- Closed
-
-
JDK-8176745 Drop SSLContext TLSv1 cipher suite requirements
-
- Closed
-
-
JDK-8015388 Required algorithms for JDK 9
-
- Resolved
-
-
JDK-8214483 Remove algorithms that use MD5 or DES from security requirements
-
- Resolved
-
-
JDK-8214443 Remove TLS v1 and v1.1 from SSLContext required algorithms
-
- Closed
-
- links to
-
Commit(master) openjdk/jdk/3bfa9521
-
Review(master) openjdk/jdk/22904