Looks ok to me, with the exception as you pointed out that this doesn't
follow section 4 of RFC 6460. Why was this done, and how did you
originally determine the original ciphersuite ordering for GCMs?
Brad
On 12/29/2013 7:56 PM, Xuelei Fan wrote:
Hi,
Please review this small update.
webrev: http://cr.openjdk.java.net/~xuelei/8028518/webrev.00/
In TLS protocols, cipher suite specifies the crypto algorithms used in
TLS connections. The priorities of cipher suites define the preference
order that a cipher suite may be used in a TLS connection.
When introducing the AEAD/GCM cipher suites in SunJSSE provider (JEP
115)[1], for better compatibility and interoperability, we decided to
decrease the priority of cipher suites in GCM mode for a while before
GCM technologies mature in the industry.
It's time to consider to increase the priorities of GCM mode cipher
suite in early stage of JDK 9.
Thanks,
Xuelei
[1] http://openjdk.java.net/jeps/115