Integrated: 8259709: Disable SHA-1 XML Signatures

Sean Mullan Thu, 04 Mar 2021 09:25:31 -0800

On Mon, 8 Feb 2021 20:46:41 GMT, Sean Mullan <mul...@openjdk.org> wrote:


> Please review this change to disable XML signatures that use SHA-1 based 
> digest or signature algorithms. SHA-1 is weak and is not a recommended 
> algorithm for digital signatures. This will improve out of the box security 
> by restricting XML signatures that use SHA-1 algorithms.
> 
> CSR: https://bugs.openjdk.java.net/browse/JDK-8261246
> Release Note: https://bugs.openjdk.java.net/browse/JDK-8261364

This pull request has now been integrated.

Changeset: a6427c85
Author:    Sean Mullan <mul...@openjdk.org>
URL:       https://git.openjdk.java.net/jdk/commit/a6427c85
Stats:     54 lines in 5 files changed: 49 ins; 0 del; 5 mod

8259709: Disable SHA-1 XML Signatures

Reviewed-by: rhalade, weijun

-------------

PR: https://git.openjdk.java.net/jdk/pull/2463

Integrated: 8259709: Disable SHA-1 XML Signatures

Reply via email to