JDK-8030683 : Add feature to disable weak TLS protocol versions
- Type: Enhancement
- Component: security-libs
- Sub-Component: javax.net.ssl
- Priority: P3
- Status: Closed
- Resolution: Duplicate
- Submitted: 2013-12-17
- Updated: 2014-12-03
- Resolved: 2014-12-03
The Version table provides details related to the release that this issue/RFE will be addressed.
Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.
To download the current JDK release, click here.
Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.
To download the current JDK release, click here.
| JDK 9 |
|---|
9Resolved  |
Related Reports
|
Blocks :
|
Description
RFC 6176 is proposed to prohibit SSL version 2.0. SSL 3.0 and TLS 1.0 are also facing a few challenges. Customers may want to disable SSLV2Hello, SSLv3 and TLSv1 for a safer TLS communication environment. It is may be doable by extending algorithm constraints of JSSE.