-
Type:
Bug
-
Resolution: Unresolved
-
Priority:
P4
-
None
-
Affects Version/s: None
-
Component/s: security-libs
The SSLContext.createSSLEngine() method has the following text:
"Some cipher suites (such as Kerberos) require remote hostname information, in which case this factory method should not be used."
The SSLContext.createSSLEngine(String peerHost, int peerPort) method has the following text:
"Some cipher suites (such as Kerberos) require remote hostname information, in which case peerHost needs to be specified."
The "(such as Kerberos)" text should be removed. The Kerberos cipher suites are obsolete and use weak algorithms. Support for the Kerberos suites were removed from the JDK as part of the TLS 1.3 implementation.
The SSLEngine(String peerHost, int peerPort) ctor has the following text:
"Some cipher suites (such as Kerberos) require remote hostname information. Implementations of this class should use this constructor to use Kerberos."
The "(such as Kerberos)" and the second sentence should be removed.
"Some cipher suites (such as Kerberos) require remote hostname information, in which case this factory method should not be used."
The SSLContext.createSSLEngine(String peerHost, int peerPort) method has the following text:
"Some cipher suites (such as Kerberos) require remote hostname information, in which case peerHost needs to be specified."
The "(such as Kerberos)" text should be removed. The Kerberos cipher suites are obsolete and use weak algorithms. Support for the Kerberos suites were removed from the JDK as part of the TLS 1.3 implementation.
The SSLEngine(String peerHost, int peerPort) ctor has the following text:
"Some cipher suites (such as Kerberos) require remote hostname information. Implementations of this class should use this constructor to use Kerberos."
The "(such as Kerberos)" and the second sentence should be removed.