Release Note Review JDK-8028518: Increase the priorities of GCM cipher suites (original) (raw)

Brad R. Wetmore bradford.wetmore at oracle.com
Mon Mar 20 17:44:13 UTC 2017

There's some minor English adjustments that could be made.

In TLS protocols, cipher suite specifies the cryptography algorithms used in TLS connections. The priorities of cipher suites define the preference order that a cipher suite may be used in a TLS connection. In this update, GCM-based cipher suites are configured as the most preferable default cipher suites in the SunJSSE provider. -> In TLS, a ciphersuite defines a specific set of cryptography algorithms used in a TLS connection. JSSE maintains a prioritized list of ciphersuites. In this update, GCM-based cipher suites are configured as the most preferable default cipher suites in the SunJSSE provider.

In the SunJSSE provider, the following cipher suites are move to the head of default enabled cipher suite list: -> In the SunJSSE provider, the following ciphersuites are now the most preferred by default:

SunJSSE provider in JDK -> SunJSSE provider in the Oracle JRE

There is no guarantee the cipher suites priorities to remain the same in future updates or releases. -> There is no guarantee the cipher suites priorities will remain the same in future updates or releases.

Have you worked with docs to update the Oracle Providers list?

 9-ea/technotes/guides/security/SunProviders.html#SunJSSEProvider

It looks like the current docs (downloaded on Friday) is out of date.

Brad

On 3/20/2017 9:23 AM, Xuelei Fan wrote:

Hi,

Please review the release note of JDK-8028518, "Increase the priorities of GCM cipher suites". Release note: https://bugs.openjdk.java.net/browse/JDK-8177143 RFE: https://bugs.openjdk.java.net/browse/JDK-8028518 Thanks, Xuelei

More information about the security-dev mailing list