-
Enhancement
-
Resolution: Fixed
-
P2
-
None
-
b18
Issue | Fix Version | Assignee | Priority | Status | Resolution | Resolved In Build |
---|---|---|---|---|---|---|
JDK-8356456 | 21.0.10-oracle | Nibedita Jena | P2 | Open | Unresolved | |
JDK-8356457 | 17.0.18-oracle | Nibedita Jena | P2 | Open | Unresolved | |
JDK-8356458 | 11.0.30-oracle | Nibedita Jena | P2 | Open | Unresolved | |
JDK-8356459 | 8u481 | Nibedita Jena | P2 | Open | Unresolved |
Other TLS implementations have started deprecating their usage. Chrome 117 has removed support for signature algorithms using SHA-1 for server signatures during the TLS handshake [2]. OpenSSL changed their default security level to 2 in version 3.2.0, and this level disables SHA-1 TLS signatures.
[1] https://www.rfc-editor.org/rfc/rfc9155.html
[2] https://chromestatus.com/feature/4832850040324096
- backported by
-
JDK-8356456 Disable SHA-1 in TLS/DTLS 1.2 handshake signatures
-
- Open
-
-
JDK-8356457 Disable SHA-1 in TLS/DTLS 1.2 handshake signatures
-
- Open
-
-
JDK-8356458 Disable SHA-1 in TLS/DTLS 1.2 handshake signatures
-
- Open
-
-
JDK-8356459 Disable SHA-1 in TLS/DTLS 1.2 handshake signatures
-
- Open
-
- csr for
-
JDK-8353566 Disable SHA-1 in TLS/DTLS 1.2 handshake signatures
-
- Closed
-
- is blocked by
-
JDK-8349583 Add mechanism to disable signature schemes based on their TLS scope
-
- Resolved
-
- relates to
-
JDK-8301626 Capture Key Exchange information in TLSHandshakeEvent
-
- Open
-
- links to
-
Commit(master) openjdk/jdk/dfa79c37
-
Review(master) openjdk/jdk/24367