JDK-7188658 : Add possibility to disable client initiated renegotiation
- Type: Enhancement
- Component: security-libs
- Sub-Component: javax.net.ssl
- Affected Version: 6
- Priority: P3
- Status: Resolved
- Resolution: Fixed
- OS: linux
- CPU: x86
- Submitted: 2012-08-02
- Updated: 2017-05-17
- Resolved: 2013-06-19
The Version table provides details related to the release that this issue/RFE will be addressed.
Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.
To download the current JDK release, click here.
Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.
To download the current JDK release, click here.
| JDK 8 |
|---|
8 b96Fixed  |
Related Reports
|
Relates :
|
|
|
Relates :
|
|
|
Relates :
|
Description
Certicom SSL supports the possibilty to disable client initiated renegotiation JSSE does not support this functionality. WLS used to use Certicom-SSL. Now JSSE. Hence there is s a loss of functionality. Seems as if the needed work is already mostly done by one guy named Neale Rudd (http://wiki.metawerx.net/wiki/NealeRudd) He is talking about a patch for openjdk that delivers exactly this feature in JSSE. This is the mailinglist thread: http://mail.openjdk.java.net/pipermail/security-dev/2012-March/004645.html ===============
Comments
|