[jira] [Updated] (QPID-8354) [Broker-J][JMS AMQP 0-x] Backlist TLSv1.1

Alex Rudyy (Jira) Sun, 29 Sep 2019 15:27:05 -0700


     [ 
https://issues.apache.org/jira/browse/QPID-8354?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Alex Rudyy updated QPID-8354:
-----------------------------
    Fix Version/s: qpid-java-client-0-x-6.4.0
                   qpid-java-client-0-x-6.3.5

> [Broker-J][JMS AMQP 0-x] Backlist TLSv1.1
> -----------------------------------------
>
>                 Key: QPID-8354
>                 URL: https://issues.apache.org/jira/browse/QPID-8354
>             Project: Qpid
>          Issue Type: Improvement
>          Components: Broker-J, JMS AMQP 0-x
>            Reporter: Alex Rudyy
>            Priority: Major
>             Fix For: qpid-java-broker-8.0.0, qpid-java-client-0-x-6.4.0, 
> qpid-java-broker-7.1.5, qpid-java-client-0-x-6.3.5
>
>
> The TLSv1.1 is allowed by default for establishing TLS connectivity in both 
> Qpid Broker-J and legacy JMS client for AMQP 0-x. TLS 1.0 is already 
> blacklisted in both products.  We can consider restricting allowed TLS 
> protocols to TLSv1.2 and TLSv1.3 by default. The TLSv1.2 can be used with 
> JDK8-10 and TLSv1.3 can be used with JDK 11 and above.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

[jira] [Updated] (QPID-8354) [Broker-J][JMS AMQP 0-x] Backlist TLSv1.1

Reply via email to