JDK-8261364 : Release Note: Disable SHA-1 XML Signatures
- Type: Sub-task
- Component: security-libs
- Sub-Component: javax.xml.crypto
- Affected Version: 17
- Priority: P3
- Status: Closed
- Resolution: Delivered
- Submitted: 2021-02-08
- Updated: 2021-12-06
- Resolved: 2021-12-06
The Version table provides details related to the release that this issue/RFE will be addressed.
Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.
To download the current JDK release, click here.
Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.
To download the current JDK release, click here.
| JDK 17 |
|---|
17Resolved  |
Description
XML signatures that use SHA-1 based digest or signature algorithms have been disabled by default. SHA-1 is no longer a recommended algorithm for digital signatures. If necessary, and at their own risk, applications can workaround this policy by modifying the `jdk.xml.dsig.secureValidationPolicy` security property and re-enabling the SHA-1 algorithms.