On Tue, 1 Apr 2025 20:53:01 GMT, Artur Barashev <abaras...@openjdk.org> wrote:
> Disable SHA-1 in TLS/DTLS 1.2 handshake signatures (but not in certificate > signatures). > https://www.rfc-editor.org/rfc/rfc9155.html test/jdk/sun/security/ssl/SignatureScheme/DisableSHA1inHandshakeSignatureTLS12.java line 28: > 26: * @bug 8340321 > 27: * @summary Disable SHA-1 in TLS/DTLS 1.2 signatures. > 28: * This test only covers TLS 1.2. What about TLS 1.3? Do we never include sha1 signature mechanisms? ------------- PR Review Comment: https://git.openjdk.org/jdk/pull/24367#discussion_r2029178689
