-
Type:
Enhancement
-
Status: Resolved
-
Priority:
P3
-
Resolution: Fixed
-
Affects Version/s: None
-
Fix Version/s: 13
-
Component/s: security-libs
-
Subcomponent:
-
Resolved In Build:b16
At present, the SunJSSE provider prefers the better performance of key exchange and digital signature algorithm, in the order of ECDHE-ECDSA, ECDHE-RSA, RSA, ECDH-ECDSA, ECDH-RSA, DHE-RSA, DHE-DSS.
Forward secrecy should be preferable first. If the DHE ephemeral key limitation get resolved, the order should be changed to ECDHE-ECDSA, ECDHE-RSA, DHE-RSA, DHE-DSS, ECDH-ECDSA, ECDH-RSA, RSA.
Forward secrecy should be preferable first. If the DHE ephemeral key limitation get resolved, the order should be changed to ECDHE-ECDSA, ECDHE-RSA, DHE-RSA, DHE-DSS, ECDH-ECDSA, ECDH-RSA, RSA.
- csr for
-
JDK-8219545 Update the default enabled cipher suites preference
-
- Closed
-
- relates to
-
JDK-8204636 Improvement of TLS 1.3 implementation
-
- Open
-