In line 601, doesn't this mean that SSL3/SSL20Hello are not longer
available as supported, and that you can't turn them back on?
Brad
On 12/4/2019 1:19 PM, Rajan Halade wrote:
May I request you to review following fix which removes SSLv2Hello and
SSLv3 from default enabled protocols.
SSLv3 has been deprecated with RFC 7568. We have already disabled it by
default in 2015 by adding it to the jdk.tls.disabledAlgorithms property.
This fix removes it from default enabled list as well. If client/server
want to use this protocol they can still do so by enabling it with
setEnabledProtocols() API.
Webrev: http://cr.openjdk.java.net/~rhalade/8190492/webrev.00/
Thanks,
Rajan
