On Fri, 4 Nov 2022 13:12:34 GMT, Sean Mullan wrote:
>> This change will disable TLS_ECDH_* cipher suites by default. These cipher
>> suites do not preserve forward secrecy and are rarely used in practice. See
>> the CSR for more details and rationale.
>>
>> Users will still be able to enable t
On Fri, 4 Nov 2022 13:08:26 GMT, Sean Mullan wrote:
>> test/jdk/javax/net/ssl/sanity/ciphersuites/CheckCipherSuites.java line 85:
>>
>>> 83: "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256",
>>> 84:
>>> 85: // AES_256(GCM) - not forward screcy
>>
>> Can you please fix the rest of the"scre
On Fri, 4 Nov 2022 00:23:03 GMT, Bradford Wetmore wrote:
>> Sean Mullan has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> Fix "screcy" typos.
>
> test/jdk/javax/net/ssl/sanity/ciphersuites/CheckCipherSuites.java line 85:
>
>> 83:
> This change will disable TLS_ECDH_* cipher suites by default. These cipher
> suites do not preserve forward secrecy and are rarely used in practice. See
> the CSR for more details and rationale.
>
> Users will still be able to enable the suites (at their own risk) by removing
> "ECDH" from th
On Thu, 3 Nov 2022 20:39:52 GMT, Sean Mullan wrote:
>> This change will disable TLS_ECDH_* cipher suites by default. These cipher
>> suites do not preserve forward secrecy and are rarely used in practice. See
>> the CSR for more details and rationale.
>>
>> Users will still be able to enable t
> This change will disable TLS_ECDH_* cipher suites by default. These cipher
> suites do not preserve forward secrecy and are rarely used in practice. See
> the CSR for more details and rationale.
>
> Users will still be able to enable the suites (at their own risk) by removing
> "ECDH" from th
On Thu, 3 Nov 2022 14:59:59 GMT, Sean Mullan wrote:
> This change will disable TLS_ECDH_* cipher suites by default. These cipher
> suites do not preserve forward secrecy and are rarely used in practice. See
> the CSR for more details and rationale.
>
> Users will still be able to enable the su
On Thu, 3 Nov 2022 15:26:44 GMT, Bernd wrote:
> Should probably also be mentioned as planned on the Ora crypto roadmap or
> will it only be added at release time?
Eventually. This is to first get this change into a feature release.
-
PR: https://git.openjdk.org/jdk/pull/10969
On Thu, 3 Nov 2022 14:59:59 GMT, Sean Mullan wrote:
> This change will disable TLS_ECDH_* cipher suites by default. These cipher
> suites do not preserve forward secrecy and are rarely used in practice. See
> the CSR for more details and rationale.
>
> Users will still be able to enable the su
On Thu, 3 Nov 2022 14:59:59 GMT, Sean Mullan wrote:
> This change will disable TLS_ECDH_* cipher suites by default. These cipher
> suites do not preserve forward secrecy and are rarely used in practice. See
> the CSR for more details and rationale.
>
> Users will still be able to enable the su
This change will disable TLS_ECDH_* cipher suites by default. These cipher
suites do not preserve forward secrecy and are rarely used in practice. See the
CSR for more details and rationale.
Users will still be able to enable the suites (at their own risk) by removing
"ECDH" from the `jdk.tls.d
11 matches
Mail list logo
