I’d like a review of this fix for when DSA is the only key available. It’s 
debatable how realistic this situation is, but it is a regression and key tool 
uses dsa by default.

The fix is to remove tls1.3 from the default protocols. The placement of the 
code change is to minimize the keymanager check to only SSLContext setup and 
not have a check run with every connection. 

http://cr.openjdk.java.net/~ascarpino/8211426/webrev.00/

This webrev does not include the test as I did not have time to modify it yet. 
I will include that in a future review after my vacation. 

Tony

Reply via email to