JDK-8148421 : Transport Layer Security (TLS) Session Hash and Extended Master Secret Extension
  • Type: Enhancement
  • Component: security-libs
  • Sub-Component: javax.net.ssl
  • Affected Version: 6,7,8,9
  • Priority: P2
  • Status: Resolved
  • Resolution: Fixed
  • Submitted: 2016-01-28
  • Updated: 2018-06-20
  • Resolved: 2017-11-28
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
JDK 10 JDK 6 JDK 7 JDK 8 JDK 9 Other
10 b36Fixed 6u191Fixed 7u181Fixed 8u162Fixed 9.0.4Fixed openjdk7uFixed
Related Reports
CSR :  
JDK-8186898 - Support Transport Layer Security (TLS) Session Hash and Extended Master Secret Extension
Duplicate :  
JDK-8190917 - Java 9 regression : SSL session resumption, through handshake, in SSLEngine is broken for any protocols lesser than TLSv1.2
Relates :  
JDK-8193892 - Impact of noncloneable MessageDigest implementation
Relates :  
JDK-8193683 - Increase the number of clones in the CloneableDigest
Relates :  
JDK-8190917 - Java 9 regression : SSL session resumption, through handshake, in SSLEngine is broken for any protocols lesser than TLSv1.2
Sub Tasks
JDK-8192045 :  
Release Note: TLS Session Hash and Extended Master Secret Extension Support - Closed
Description
Consider to support and backport the security enhancement of SSL/TLS protocols: https://tools.ietf.org/html/rfc7627
Comments
[~asaha] please take this fix and go ahead with the 8u161 GAC build
15-12-2017
Integrate the contribution from RedHat (Martin Balao) and Oracle (Xuelei Fan).
28-11-2017
Assigning to myself on behalf of Martin Balao, who is working on this feature.
02-08-2017