JDK-8161166 : Add an option to disable all "EXPORT" ciphersuites.
  • Type: Enhancement
  • Component: security-libs
  • Sub-Component: javax.net.ssl
  • Priority: P4
  • Status: Closed
  • Resolution: Won't Fix
  • Submitted: 2016-07-12
  • Updated: 2019-02-12
  • Resolved: 2017-10-20
Related Reports
Relates :  
JDK-8163237 - Restrict the use of EXPORT cipher suites
Description
Currently, the EXPORT cipher suites have to be disabled individually.

    jdk.tls.disabledAlgorithms = \
        DHE_DSS_EXPORT, DHE_RSA_EXPORT, DH_anon_EXPORT, DH_DSS_EXPORT, \
        DH_RSA_EXPORT, RSA_EXPORT


It would be nice to simplify the expression as:
    jdk.tls.disabledAlgorithms = EXPORT
Comments
The EXPORT cipher suite restricted was addressed in JDK-8163237. As we have addressed the issue, this enhancement (JDK-8161166) is useless now.
12-02-2019
"DES40_CBC, RC4_40" can be used to restrict all exportable cipher suites. May not worthy to add a new option any more.
20-10-2017