Re: Over-restrictive EC certificate checks in JSSE TLS 1.2

2015-01-28 Thread Xuelei Fan
Hi Tim,

Thanks for the find of the restriction in OpenJDK. The bug is tracked as JDK-8071858:

https://bugs.openjdk.java.net/browse/JDK-8071858

(I just filed a bug, may need some time to see it in public.)

Thanks & Regards,
Xuelei

On 1/29/2015 9:32 AM, Tim Whittington wrote:
> Hi all
>
>

Over-restrictive EC certificate checks in JSSE TLS 1.2

2015-01-28 Thread Tim Whittington
Hi all,

I noticed looking at the JSSE cipher suite selection that EC certificates are unnecessarily restricted when TLS 1.2 is used. Specifically sun.security.ssl.ServerHandshaker.trySetCipherSuite(CipherSuite) requires “EC_EC” certs (an EC key, signed with an EC issuer key) for *_ECDSA suites,