On Mon, 21 Mar 2022 19:40:07 GMT, Sean Mullan <mul...@openjdk.org> wrote:
> This fix removes obsolete and deprecated 3DES cipher suites from the default > enabled cipher suites list of the SunJSSE provider implementation. > > Note that 3DES suites are already disabled by default via the > `jdk.tls.disabledAlgorithms` security property. This change goes one step > further and provides an extra level of defense by making them unavailable by > default. See the CSR for more details: > https://bugs.openjdk.java.net/browse/JDK-8283450 src/java.base/share/classes/sun/security/ssl/CipherSuite.java line 425: > 423: ProtocolVersion.PROTOCOLS_TO_12, > 424: K_RSA, B_3DES, M_SHA, H_SHA256), > 425: It is good to have the supported cipher suites ordered. So it may be nice to have this block between line 348 and 349. ------------- PR: https://git.openjdk.java.net/jdk/pull/7894
