JDK-8245476 : Disable TLSv1.3 protocol in the ClientHello message by default
  • Type: Sub-task
  • Component: security-libs
  • Priority: P4
  • Status: Resolved
  • Resolution: Fixed
  • Submitted: 2020-05-20
  • Updated: 2020-09-04
  • Resolved: 2020-08-31
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
Other
openjdk8u272 b06Fixed
Description
TLSv1.3 still can be enabled on the client-side:
- via the existing SSLSocket/SSLEngine/SSLParameters/SSLContext API
- via the jdk.tls.client.protocols property
- via the https.protocols property
Comments
URL: https://hg.openjdk.java.net/jdk8u/jdk8u/jdk/rev/ad16e2ef963c User: andrew Date: 2020-09-04 15:15:14 +0000
04-09-2020
URL: https://hg.openjdk.java.net/jdk8u/jdk8u-dev/jdk/rev/ad16e2ef963c User: andrew Date: 2020-08-31 05:57:48 +0000
31-08-2020
Review approval: https://mail.openjdk.java.net/pipermail/jdk8u-dev/2020-July/012213.html
21-07-2020