Hi!

I'm looking into enabling TLS 1.2 by default in OpenJDK 7 as per JDK-7093640 [1]. The reasoning being:

1. we have reports that server admins are starting to disable CBC unless the TLS level is 1.1+ [2]
2. RC4 has been disabled by JDK-8076221 [3] and S8043202 (CVE-2015-2808: Prohibit RC4 cipher suites), thus leaving no trusted ciphers for TLS 1.0.

[1] https://bugs.openjdk.java.net/browse/JDK-7093640
[2] https://bugs.launchpad.net/ubuntu/+source/openjdk-7/+bug/1482924
[3] https://bugs.openjdk.java.net/browse/JDK-8076221

This requires backporting at least 7093640 from JDK8u. Would such a backport be accepted for jdk7u-dev?

Now, would it be acceptable to bring in a few more backports? Such as:

- 7059709: close the IO in a final block
- 7167092: Need to put the return clause in the synchronized block
- 8022746: List of spelling errors in API doc

Those cover mostly ProtocolVersion, SSLContextImpl, and SunJSSE in sun/security/ssl.

I can see a lot of other fixes in sun/security/ssl and I wonder if it would be good to bring a few of those in as well. Can someone point out the important ones in case TLS 1.2 is enabled by default?

Here is a list of changes that didn't make it into JDK 7. I haven't fully checked each one to see if they are JDK 8-only stuff, but it might help pick the important ones:

- 6956398: make ephemeral DH key match the length of the certificate key
- 6966259: Make PrincipalName and Realm immutable
- 7030966: Support AEAD CipherSuites
- 7059542: JNDI name operations should be locale independent
- 7063647: To use synchronized map in key manager
- 7064075: Security libraries don't build with javac -Xlint:all,-deprecation -Werror
- 7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
- 7092897: sun.security.util.Cache should be generified
- 7111548: unexpected debug log message
- 7145837: a little performance improvement on the usage of SecureRandom
- 7166487: checkSequenceNumber method never called within readRecord of SSLEngineImpl
- 7188657: There should be a way to reorder the JSSE ciphers
- 7188658: Add possibility to disable client initiated renegotiation
- 7194075: Various classes of sunec.jar are duplicated in rt.jar
- 8000970: break out auxiliary classes that will prevent multi-core compilation of the JDK
- 8003951: Removes unused variables in sun.security.ssl
- 8004019: Removes unused method HandshakeHash.setCertificateVerifyAlg()
- 8005447: default principal should act as anyone
- 8005523: Unbound krb5 for TLS
- 8005535: SSLSessionImpl should have protected finalize()
- 8009925: Back out AEAD CipherSuites temporarily
- 8011680: Re-integrate AEAD implementation of JSSE
- 8017049: rename property jdk.tls.rejectClientInitializedRenego
- 8019359: To comment why not use no_renegotiation to reject client initiated renegotiation
- 8023230: The impl of KerberosClientKeyExchange maybe not exist
- 8025123: SNI support in Kerberos cipher suites
- 8042449: Issue for negative byte major record version
- 8044860: Vectors and fixed length fields should be verified for allowed sizes.
- 8054037: Improve tracing for java.security.debug=certpath
- 8067694: Improved certification checking
- 8072385: Only the first DNSName entry is checked for endpoint identification
- 8074865: General crypto resilience changes
- 8075040: Need a test to cover FREAK (BugDB 20647631)
- 8076328: Enforce key exchange constraints

Best regards,
Tiago

--
Tiago Stürmer Daitx
Software Engineer
tiago.da...@canonical.com
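Added example (not part of the message above, nor of the JDK sources it discusses): a small Java 7 program that reports which protocols the default SSLContext enables, so an admin can check whether a given JDK already behaves as 7093640 describes, and shows how a client can opt in to TLS 1.2 and drop RC4 suites on a JDK that still has them. The class name, method names and the host/port argument are my own choices.

```java
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLParameters;
import javax.net.ssl.SSLSocket;

public class Tls12Check {

    // Returns the protocols the JVM's default SSLContext enables for clients.
    // On a JDK 7 without the 7093640 backport this is typically only TLSv1
    // (plus SSLv3 on older updates); with it, TLSv1.1 and TLSv1.2 are included.
    public static String[] defaultProtocols() throws Exception {
        SSLParameters p = SSLContext.getDefault().getDefaultSSLParameters();
        return p.getProtocols();
    }

    // True if TLS 1.1 or 1.2 is on by default, i.e. the client can still reach
    // servers that refuse CBC suites below TLS 1.1 (the case from the message).
    public static boolean defaultHasModernTls() throws Exception {
        List<String> enabled = Arrays.asList(defaultProtocols());
        return enabled.contains("TLSv1.2") || enabled.contains("TLSv1.1");
    }

    // Removes RC4 suites from an enabled-suite list; JDKs carrying 8076221
    // already exclude them, older ones do not. CBC suites are kept because
    // they remain acceptable at TLS 1.1+.
    public static String[] withoutRc4(String[] suites) {
        List<String> kept = new ArrayList<String>();
        for (String s : suites) {
            if (!s.contains("RC4")) kept.add(s);
        }
        return kept.toArray(new String[kept.size()]);
    }

    // Opens a client socket pinned to TLS 1.2 regardless of the JVM default.
    // SSLContext "TLSv1.2" is available on JDK 7; default trust material is used.
    public static SSLSocket openTls12Socket(String host, int port) throws Exception {
        SSLContext ctx = SSLContext.getInstance("TLSv1.2");
        ctx.init(null, null, null);
        SSLSocket s = (SSLSocket) ctx.getSocketFactory().createSocket(host, port);
        s.setEnabledProtocols(new String[] {"TLSv1.2"});
        s.setEnabledCipherSuites(withoutRc4(s.getEnabledCipherSuites()));
        return s;
    }

    public static void main(String[] args) throws Exception {
        System.out.println("Default protocols: " + Arrays.toString(defaultProtocols()));
        System.out.println("TLS 1.1+ enabled by default: " + defaultHasModernTls());
    }
}
```

Run `main` on the JDK under test to see its defaults; `openTls12Socket` is what a client would use until the backport makes TLS 1.2 the default.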