> This fix removes obsolete and deprecated 3DES cipher suites from the default > enabled cipher suites list of the SunJSSE provider implementation. > > Note that 3DES suites are already disabled by default via the > `jdk.tls.disabledAlgorithms` security property. This change goes one step > further and provides an extra level of defense by making them unavailable by > default. See the CSR for more details: > https://bugs.openjdk.java.net/browse/JDK-8283450
Sean Mullan has updated the pull request incrementally with one additional commit since the last revision: Move TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA and SSL_DH_anon_WITH_3DES_EDE_CBC_SHA lower in priority after other 3DES suites. ------------- Changes: - all: https://git.openjdk.java.net/jdk/pull/7894/files - new: https://git.openjdk.java.net/jdk/pull/7894/files/aed9c954..9edfa9ac Webrevs: - full: https://webrevs.openjdk.java.net/?repo=jdk&pr=7894&range=01 - incr: https://webrevs.openjdk.java.net/?repo=jdk&pr=7894&range=00-01 Stats: 18 lines in 1 file changed: 9 ins; 9 del; 0 mod Patch: https://git.openjdk.java.net/jdk/pull/7894.diff Fetch: git fetch https://git.openjdk.java.net/jdk pull/7894/head:pull/7894 PR: https://git.openjdk.java.net/jdk/pull/7894
