Details
-
Type:
Bug
-
Status: Closed
-
Priority:
P3
-
Resolution: Fixed
-
Affects Version/s: None
-
Fix Version/s: 9
-
Component/s: security-libs
-
Labels:
-
Subcomponent:
-
Resolved In Build:b120
Backports
| Issue | Fix Version | Assignee | Priority | Status | Resolution | Resolved In Build |
|---|---|---|---|---|---|---|
| JDK-8183849 | 8u161 | Sean Coffey | P3 | Resolved | Fixed | b01 |
| JDK-8178721 | 8u152 | Sean Coffey | P3 | Resolved | Fixed | b04 |
| JDK-8192583 | emb-8u161 | Sean Coffey | P3 | Resolved | Fixed | b01 |
Description
test/javax/net/ssl/etc/keystore is used a lot for X.509 cert based SSL/TLS authentication. MD5 and SHA1 are used as the signature algorithms. The key size of EC certs is 192 bits.
MD5 has been disabled, and 192-bits EC keys will be disabled in the near future(seeJDK-8148516). It's time to use stronger algorithms (SHA256) and keys (2048-bits for RSA/DSA and 256-bits for EC)
MD5 has been disabled, and 192-bits EC keys will be disabled in the near future(see
Attachments
Issue Links
- backported by
-
JDK-8178721 Use stronger algorithms and keys for JSSE testing
-
- Resolved
-
-
-
- Resolved
-
-
-
- Resolved
-
- relates to
-
JDK-8211883 Disable anon and NULL cipher suites
-
- Resolved
-