Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8190492

Remove SSLv2Hello and SSLv3 from default enabled TLS protocols

    Details

      Description

      SSLv3 is disabled by default because it is included in the jdk.tls.disabledAlgorithms security property, but we should also remove SSLv3 from the default enabled protocols of the JDK implementation. RFC 7568 says that SSLv3 should not be used.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                rhalade Rajan Halade
                Reporter:
                mullan Sean Mullan
              • Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Due:
                  Created:
                  Updated:
                  Resolved: