Looking to backport this change to jdk7u-dev. Best security practice
would be to lower the preference ordering of RC4 ciphersuites. This is
work that's already in progress for JDK 8u and JDK 9.
For JDK 7u, I'd also like to introduce a compatibility flag which will
reverse this change in case legacy applications run into issues with the
preference re-ordering. It won't be available in 8u & 9. CCC approval
has been granted.
http://cr.openjdk.java.net/~coffeys/webrev.rc4.7u.v2/webrev/
regards,
Sean.
