JDK-8153020 : Release Note: New system property to control re-enabling of RC4-based ciphersuites in 7u101, 6u115 releases
  • Type: Sub-task
  • Component: security-libs
  • Sub-Component: javax.net.ssl
  • Affected Version: 6u115,7u101
  • Priority: P4
  • Status: Closed
  • Resolution: Delivered
  • Submitted: 2016-03-29
  • Updated: 2018-03-21
  • Resolved: 2017-01-27
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
JDK 6 JDK 7
6u115Resolved 7u101Resolved
Description
Setting `-Djdk.tls.enableRC4CipherSuites=true` adds the following RC4 based ciphersuites back to the default enabled JSSE ciphersuite list:

* TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
* TLS_ECDHE_RSA_WITH_RC4_128_SHA
* TLS_ECDH_ECDSA_WITH_RC4_128_SHA
* TLS_ECDH_RSA_WITH_RC4_128_SHA
* SSL_RSA_WITH_RC4_128_SHA
* SSL_RSA_WITH_RC4_128_MD5

This system property will only have impact from the JDK 7u101 and JDK 6u115 releases. By default, RC4-based ciphersuites are not in the default enabled list. They were removed in the JDK 6u101 and JDK 7u85 releases. 
Comments
Incorporated in the Release Notes
21-04-2016

Initial release note subtask created for JDK-8141050
29-03-2016