Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8172404

Tools should warn if weak algorithms are used before restricting them

    XMLWordPrintable

    Details

      Backports

        Description

        It would be useful to also start warning users that SHA-1 and 1024-bit RSA/DSA certificates are a security risk *before* we actually start disabling them.

        We add a new jdk.security.legacyAlgorithms security property to the java.security property file. keytool and jarsigner tools will be enhanced to enforce the new property and to print out informational warnings when the legacy algorithms are used. This enables users to plan transitioning away from them. This would also allow a user to edit these properties independently so that you could still get warnings from tools even if the runtime allowed the algorithm.

          Attachments

            Issue Links

            There are no Sub-Tasks for this issue.

              Activity

                People

                Assignee:
                hchao Haimay Chao
                Reporter:
                weijun Weijun Wang
                Votes:
                0 Vote for this issue
                Watchers:
                6 Start watching this issue

                  Dates

                  Created:
                  Updated:
                  Resolved: