> As to TLS 1.2 on by default, I think there’s precedent for this in
> us adding TLS 1.1 on OpenJDK 6 and I'm of the opinion that secure by default
> outweighs compatible by default

I agree. If there were such a thing as TLS 1.1.1 with just security fixes, that would be the way to go. The only way to stay secure with reasonable effort is to update to 1.2.

Ivan

> On 19 Aug 2015, at 21:33, Andrew Hughes <gnu.and...@redhat.com> wrote:
>
> ----- Original Message -----
>> Hi!
>>
>> I'm looking into enabling TLS 1.2 by default in OpenJDK 7 as per
>> JDK-7093640 [1]. The reasoning being:
>> 1. we have reports that server admins are starting to disable CBC
>> unless TLS level is 1.1+ [2]
>> 2. RC4 has been disabled by JDK-8076221 [3] and S8043202
>> (CVE-2015-2808: Prohibit RC4 cipher suites)
>> thus leaving no trusted ciphers for TLS1.0.
>>
>> [1] https://bugs.openjdk.java.net/browse/JDK-7093640
>> [2] https://bugs.launchpad.net/ubuntu/+source/openjdk-7/+bug/1482924
>> [3] https://bugs.openjdk.java.net/browse/JDK-8076221
>>
>> This requires backporting at least 7093640 from JDK8u. Would such a
>> backport be accepted for jdk7u-dev?
>>
>> Now, would it be acceptable to bring in a few more backports? Such as:
>> 7059709: close the IO in a final block
>> 7167092: Need to put the return clause in the synchronized block
>> 8022746: List of spelling errors in API doc
>>
>> Those cover mostly ProtocolVersion, SSLContextImpl, and SunJSSE in
>> sun/security/ssl.
>>
>> I can see a lot of other fixes in sun/security/ssl and I wonder if it
>> would be good to bring a few of those in as well. Can someone point out
>> important ones in case TLS 1.2 is enabled by default?
>>
>> Here is a list of changes that didn't make it into JDK7. I haven't fully
>> checked each one to see if they are JDK8-only stuff, but it might help
>> pick important ones:
>>
>> 6956398: make ephemeral DH key match the length of the certificate key
>> 6966259: Make PrincipalName and Realm immutable
>> 7030966: Support AEAD CipherSuites
>> 7059542: JNDI name operations should be locale independent
>> 7063647: To use synchronized map in key manager
>> 7064075: Security libraries don't build with javac -Xlint:all,-deprecation -Werror
>> 7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
>> 7092897: sun.security.util.Cache should be generified
>> 7111548: unexpected debug log message
>> 7145837: a little performance improvement on the usage of SecureRandom
>> 7166487: checkSequenceNumber method never called within readRecord of SSLEngineImpl
>> 7188657: There should be a way to reorder the JSSE ciphers
>> 7188658: Add possibility to disable client initiated renegotiation
>> 7194075: Various classes of sunec.jar are duplicated in rt.jar
>> 8000970: break out auxiliary classes that will prevent multi-core compilation of the JDK
>> 8003951: Removes unused variables in sun.security.ssl
>> 8004019: Removes unused method HandshakeHash.setCertificateVerifyAlg()
>> 8005447: default principal should act as anyone
>> 8005523: Unbound krb5 for TLS
>> 8005535: SSLSessionImpl should have protected finalize()
>> 8009925: Back out AEAD CipherSuites temporarily
>> 8011680: Re-integrate AEAD implementation of JSSE
>> 8017049: rename property jdk.tls.rejectClientInitializedRenego
>> 8019359: To comment why not use no_renegotiation to reject client initiated renegotiation
>> 8023230: The impl of KerberosClientKeyExchange maybe not exist
>> 8025123: SNI support in Kerberos cipher suites
>> 8042449: Issue for negative byte major record version
>> 8044860: Vectors and fixed length fields should be verified for allowed sizes.
>> 8054037: Improve tracing for java.security.debug=certpath
>> 8067694: Improved certification checking
>> 8072385: Only the first DNSName entry is checked for endpoint identification
>> 8074865: General crypto resilience changes
>> 8075040: Need a test to cover FREAK (BugDB 20647631)
>> 8076328: Enforce key exchange constraints
>>
>>
>> Best regards,
>> Tiago
>>
>> --
>> Tiago Stürmer Daitx
>> Software Engineer
>> tiago.da...@canonical.com
>>
>
> Hi Tiago,
>
> I'm working on getting the 7u85 release into upstream OpenJDK 7u right
> now, but just wanted to let you know that I'd seen this mail. I'll
> go through it in more detail when I've finished with that.
>
> From a quick glance, there's some stuff that's already on my list that
> we have in IcedTea (8072385 and 6956398 for sure). There's also some
> stuff that initially looks like refactoring/new feature stuff that I don't
> think is appropriate, but I'll have to go through the actual changesets.
>
> As to TLS 1.2 on by default, I think there's precedent for this in
> us adding TLS 1.1 on OpenJDK 6 and I'm of the opinion that secure by default
> outweighs compatible by default. But I'd appreciate the input of others.
>
> Thanks,
> --
> Andrew :)
>
> Senior Free Java Software Engineer
> Red Hat, Inc. (http://www.redhat.com)
>
> PGP Key: ed25519/35964222 (hkp://keys.gnupg.net)
> Fingerprint = 5132 579D D154 0ED2 3E04 C5A0 CFDA 0F9B 3596 4222
>
> PGP Key: rsa4096/248BDC07 (hkp://keys.gnupg.net)
> Fingerprint = EC5A 1F5E C0AD 1D15 8F1F 8F91 3B96 A578 248B DC07
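The thread is about what a JVM enables by default versus what an application has to opt into. The following is an added example, not code from the thread or from OpenJDK: it reports whether the running JVM's default SSLContext already enables TLSv1.2, and shows the per-application opt-in (TLSv1.2 only, RC4 and other weak suites filtered out) that a client on a 7u build without the JDK-7093640 backport needs. The class name, the suite-filtering rules and the use of an SSLEngine instead of a socket are this example's own choices; it runs offline and uses only JSSE API present in Java 7.

```java
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLParameters;

/**
 * Added example (hypothetical class, not part of OpenJDK): inspect the JVM's
 * TLS defaults and build an engine that is TLSv1.2-only with a hardened
 * cipher-suite list. An SSLEngine is used so nothing is connected to.
 */
public class TlsDefaultsCheck {

    /** True when the default SSLContext enables TLSv1.2 without any opt-in. */
    public static boolean tls12EnabledByDefault(SSLContext ctx) {
        SSLParameters p = ctx.getDefaultSSLParameters();
        return Arrays.asList(p.getProtocols()).contains("TLSv1.2");
    }

    /**
     * Filter a supported-suite list: always drop RC4, NULL, anonymous,
     * EXPORT and single-DES suites; drop CBC suites only when the JVM
     * offers AEAD (GCM) suites (7030966/8011680 in the list above).
     * A 7u build without that backport has no GCM suites, so CBC stays;
     * under TLS 1.1+ CBC records carry explicit IVs, which is the point of
     * admins requiring TLS 1.1+ before offering CBC at all.
     */
    public static String[] hardenedSuites(String[] supported) {
        boolean haveAead = false;
        for (String s : supported) {
            if (s.contains("_GCM_")) {
                haveAead = true;
            }
        }
        List<String> keep = new ArrayList<String>();
        for (String s : supported) {
            if (s.contains("_RC4_") || s.contains("_NULL_") || s.contains("_anon_")
                    || s.contains("_EXPORT") || s.contains("_DES_")) {
                continue;
            }
            if (haveAead && s.contains("_CBC_")) {
                continue;
            }
            keep.add(s);
        }
        return keep.toArray(new String[keep.size()]);
    }

    /** Client engine restricted to TLSv1.2 and the hardened suite list. */
    public static SSLEngine tls12ClientEngine(SSLContext ctx) {
        SSLEngine e = ctx.createSSLEngine();
        e.setUseClientMode(true);
        e.setEnabledProtocols(new String[] {"TLSv1.2"});
        // Derived from getSupportedCipherSuites(), so every name is accepted.
        e.setEnabledCipherSuites(hardenedSuites(e.getSupportedCipherSuites()));
        return e;
    }

    public static void main(String[] args) throws Exception {
        SSLContext dflt = SSLContext.getDefault();
        System.out.println("default protocols: "
                + Arrays.toString(dflt.getDefaultSSLParameters().getProtocols()));
        System.out.println("TLSv1.2 on by default: " + tls12EnabledByDefault(dflt));

        SSLContext ctx = SSLContext.getInstance("TLSv1.2");
        ctx.init(null, null, null);
        SSLEngine e = tls12ClientEngine(ctx);
        System.out.println("enabled protocols: " + Arrays.toString(e.getEnabledProtocols()));
        System.out.println("enabled suites:    " + Arrays.toString(e.getEnabledCipherSuites()));
    }
}
```

Two caveats for anyone using this on a 7u JVM: an engine pinned to TLSv1.2 will fail to handshake with a peer that only speaks TLS 1.0, which is exactly the compatibility cost weighed in the thread, and the deployment-wide equivalent of the suite filter is the `jdk.tls.disabledAlgorithms` security property in `java.security`, the same mechanism JDK-8076221 uses to drop RC4 for every application on the JVM.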