Hi, Could I have the following CSR reviewed? https://bugs.openjdk.java.net/browse/JDK-8219657
It is proposing to use server cipher suite preference by default for TLS connections in JDK. In the current implementation, the server honors the client cipher suite preference by default. It is easier to maintain if using the server cipher suite preference, and then the server can have more control over the security parameters of TLS connections.
I think the compatibility impact should be minimal. If there is a known risk for you, please let me know by the end of March 4, 2019.
Thanks, Xuelei
