TLS 1.1 adds explicit IVs, which is a viable fix for the vulnerability and also removes inter-record dependency. The latter is needed by DTLS for loss-insensitive messaging.
The SunJSSE of CBC mode is insecure against chosen plaintext attacks
(as all TLS 1.0 implementations). What's the state of TLS 1.1 support
for (Open)JDK 7?
- [security-dev 00055]: State of TLS 1.1 implementation Christian Uebber
- [security-dev 00056]: Re: State of TLS 1.1 implement... Andrew Fan
- [security-dev 00060]: Re: State of TLS 1.1 imple... Christian Uebber
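
The inter-record dependency mentioned in the message above, as an added example that is not part of the original post and is not SunJSSE code: it compares TLS 1.0 style IV chaining with TLS 1.1 style per-record explicit IVs when the first record never arrives. It models CBC record framing with AES only (no MAC, padding or handshake); the class name, method names, key and plaintexts are assumptions constructed for illustration.

```java
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import java.security.SecureRandom;
import java.util.Arrays;

// Added illustration: CBC record framing only, names are hypothetical.
public class CbcRecordIvDemo {
    static final int BLOCK = 16;
    static final SecureRandom RNG = new SecureRandom();

    static byte[] cbc(int mode, byte[] key, byte[] iv, byte[] data) throws Exception {
        Cipher c = Cipher.getInstance("AES/CBC/NoPadding");
        c.init(mode, new SecretKeySpec(key, "AES"), new IvParameterSpec(iv));
        return c.doFinal(data);
    }
    // TLS 1.1 style: fresh random IV per record, sent in front of the ciphertext.
    static byte[] sealExplicit(byte[] key, byte[] plaintext) throws Exception {
        byte[] iv = new byte[BLOCK];
        RNG.nextBytes(iv);
        byte[] ct = cbc(Cipher.ENCRYPT_MODE, key, iv, plaintext);
        byte[] record = Arrays.copyOf(iv, BLOCK + ct.length);
        System.arraycopy(ct, 0, record, BLOCK, ct.length);
        return record;
    }
    // The receiver needs nothing but the key and the record itself.
    static byte[] openExplicit(byte[] key, byte[] record) throws Exception {
        byte[] iv = Arrays.copyOfRange(record, 0, BLOCK);
        return cbc(Cipher.DECRYPT_MODE, key, iv, Arrays.copyOfRange(record, BLOCK, record.length));
    }

    public static void main(String[] args) throws Exception {
        byte[] key = new byte[16];
        RNG.nextBytes(key);                                   // constructed sample key
        byte[] p1 = "record one 16B..".getBytes("US-ASCII");  // constructed, one block each
        byte[] p2 = "record two 16B..".getBytes("US-ASCII");
        // TLS 1.0 style: the IV of record 2 is the last ciphertext block of record 1.
        byte[] iv0 = new byte[BLOCK];
        RNG.nextBytes(iv0);
        byte[] c1 = cbc(Cipher.ENCRYPT_MODE, key, iv0, p1);
        byte[] chainedIv = Arrays.copyOfRange(c1, c1.length - BLOCK, c1.length);
        byte[] c2 = cbc(Cipher.ENCRYPT_MODE, key, chainedIv, p2);
        // If record 1 is lost, the receiver's CBC state is still iv0, not chainedIv.
        boolean chainedOk = Arrays.equals(p2, cbc(Cipher.DECRYPT_MODE, key, iv0, c2));
        // Explicit IV: record 2 is opened without any state from record 1.
        boolean explicitOk = Arrays.equals(p2, openExplicit(key, sealExplicit(key, p2)));

        System.out.println("chained IV, record 1 lost:  record 2 decrypts = " + chainedOk);
        System.out.println("explicit IV, record 1 lost: record 2 decrypts = " + explicitOk);
    }
}
```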