Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8163327

Remove 3DES from the default enabled cipher suites list

    XMLWordPrintable

    Details

      Description

      Per RFC 7525, implementations SHOULD NOT negotiate cipher suites that use algorithms offering less than 128 bits of security. The strength of 3DES is 112 bits, which is less than 128 bits of security.

      Cipher suites using 3DES are already disabled by default via the jdk.tls.disabledAlgorithms security property. This change would go one step further and not make them available by default, even if removed from the jdk.tls.disabledAlgorithms security property.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              mullan Sean Mullan
              Reporter:
              xuelei Xuelei Fan
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: