United StatesChange Country, Oracle Worldwide Web Sites Communities I am a... I want to...
JDK-4873188 : Support TLS 1.1

Details
Type:
Enhancement
Submit Date:
2003-06-03
Status:
Closed
Updated Date:
2011-07-27
Project Name:
JDK
Resolved Date:
2011-03-07
Component:
security-libs
OS:
generic
Sub-Component:
javax.net.ssl
CPU:
generic
Priority:
P3
Resolution:
Fixed
Affected Versions:
1.4.0,5.0,6,7
Fixed Versions:

Related Reports
Duplicate:
Duplicate:
Duplicate:
Relates:
Relates:
Relates:

Sub Tasks

Description
TLS 1.1 (http://www.ietf.org/internet-drafts/draft-ietf-tls-rfc2246-bis-04.txt) will complete WG last call on June 10, 2003. We should support it when standardization is complete.
TLS 1.1 was issued as the Standards Track in April 2006, RFC 4346. http://www.ietf.org/rfc/rfc4346.txt. The major changes from TLS 1.0 are:

   -  The implicit Initialization Vector (IV) is replaced with an
      explicit IV to protect against CBC attacks [CBCATT].

   -  Handling of padding errors is changed to use the bad_record_mac
      alert rather than the decryption_failed alert to protect against
      CBC attacks.

   -  IANA registries are defined for protocol parameters.

   -  Premature closes no longer cause a session to be nonresumable.

   -  Additional informational notes were added for various new attacks
      on TLS.

                                    

Comments
EVALUATION

http://hg.openjdk.java.net/jdk7/build/jdk/rev/93cd7e89adb8
                                     
2010-12-04
CONVERTED DATA

BugTraq+ Release Management Values

COMMIT TO FIX:
mustang


                                     
2004-09-02
EVALUATION


Not a mantis showstopper, evaluating to get it off the mantis list.

###@###.### 2003-06-04

Not finished for tiger.  Still in Internet Draft (expiring in December)
May need to wait for dragon/mustang.   Should reserve name in our
docs.

###@###.### 2003-08-21
                                     
2003-08-21



Hardware and Software, Engineered to Work Together