Details
-
Type:
Sub-task
-
Status: Closed
-
Priority:
P4
-
Resolution: Delivered
-
Affects Version/s: 11.0.10-oracle
-
Fix Version/s: 11.0.10-oracle
-
Component/s: security-libs
-
Labels:
-
Subcomponent:
-
Verification:Verified
Description
The named elliptic curve groups `x25519` and `x448` are now available for JSSE key agreement in TLS versions 1.0 to 1.3, with `x25519` being the most preferred of the default enabled named groups. The default ordered list is now:
```
x25519, secp256r1, secp384r1, secp521r1, x448,
ffdhe2048, ffdhe3072, ffdhe4096, ffdhe6144, ffdhe8192
```
The default list can be overridden by using the system property *`jdk.tls.namedGroups`*.
```
x25519, secp256r1, secp384r1, secp521r1, x448,
ffdhe2048, ffdhe3072, ffdhe4096, ffdhe6144, ffdhe8192
```
The default list can be overridden by using the system property *`jdk.tls.namedGroups`*.