On Fri, 4 Apr 2025 17:18:44 GMT, Sean Mullan <mul...@openjdk.org> wrote:
>> Disable SHA-1 in TLS/DTLS 1.2 handshake signatures (but not in certificate >> signatures). >> https://www.rfc-editor.org/rfc/rfc9155.html > > test/jdk/sun/security/ssl/SignatureScheme/DisableSHA1inHandshakeSignatureTLS12.java > line 28: > >> 26: * @bug 8340321 >> 27: * @summary Disable SHA-1 in TLS/DTLS 1.2 signatures. >> 28: * This test only covers TLS 1.2. > > What about TLS 1.3? Do we never include sha1 signature mechanisms? `ECDSA_SHA1` is actually supported in TLSv1.3. I'll add the v1.3 test then. ------------- PR Review Comment: https://git.openjdk.org/jdk/pull/24367#discussion_r2029223401
