JDK-8176745 : Drop SSLContext TLSv1 cipher suite requirements
  • Type: Bug
  • Component: security-libs
  • Sub-Component: javax.net.ssl
  • Affected Version: 9
  • Priority: P2
  • Status: Closed
  • Resolution: Fixed
  • Submitted: 2017-03-14
  • Updated: 2024-12-12
  • Resolved: 2017-05-18
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
JDK 10 JDK 9
10Fixed 9 b171Fixed
Related Reports
CSR :  
CCC-8176745 - Drop SSLContext TLSv1 cipher suite requirements
Relates :  
JDK-8283795 - Review security algorithm implementation requirements
Description
Drop the cipher suite requirement for TLSv1 implementation as specified in http://download.java.net/java/jdk9/docs/technotes/guides/security/StandardNames.html#impl: "A TLSv1 implementation must support the cipher suite SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA as defined in RFC 2246 and the special signaling cipher suite TLS_EMPTY_RENEGOTIATION_INFO_SCSV for safe renegotiation as defined in RFC 5746."
Comments
The reason the bug has noreg-doc and noreg-jck labels: No JDK source code changes are required to fix this. An existing JCK test will need to be updated to no longer test for this requirement, and the Standard Algorithm Names security specification will need to be updated to remove this requirement.
20-03-2017