Certicom SSL supports a feature described as "HonorCipherorder" JSSE does not support this functionality. WLS used to use Certicom-SSL. Now JSSE. Hence there is s a loss of functionality. Seems as if the needed work is already mostly done by one guy named Neale Rudd (http://wiki.metawerx.net/wiki/NealeRudd) He is talking about a patch for openjdk that delivers exactly this feature in JSSE. This is the mailinglist thread: http://mail.openjdk.java.net/pipermail/security-dev/2012-March/004645.html ===============
|