On Mon, 16 Nov 2020 20:18:16 GMT, Sean Mullan <mul...@openjdk.org> wrote:
> This change disables the TLSv1 and TLSv1.1 protocols by adding them to the > jdk.tls.disabledAlgorithms security property in the java.security file. These > protocols use weak algorithms and are being deprecated by the IETF. They > should be disabled by default to improve the default security configuration > of the JDK. See the CSR for more rationale: > https://bugs.openjdk.java.net/browse/JDK-8254713 > > The fix mostly involves changes to existing tests that for one reason or > another depend on the TLSv1 and TLSv1.1 protocols being enabled. There is a > new test specifically for this issue: > test/jdk/sun/security/ssl/SSLContextImpl/SSLContextDefault.java This pull request has now been integrated. Changeset: 3a4b90f0 Author: Sean Mullan <mul...@openjdk.org> URL: https://git.openjdk.java.net/jdk/commit/3a4b90f0 Stats: 396 lines in 21 files changed: 273 ins; 97 del; 26 mod 8202343: Disable TLS 1.0 and 1.1 Reviewed-by: xuelei, dfuchs, coffeys ------------- PR: https://git.openjdk.java.net/jdk/pull/1235
