On Thu, 3 Nov 2022 20:39:52 GMT, Sean Mullan <mul...@openjdk.org> wrote:
>> This change will disable TLS_ECDH_* cipher suites by default. These cipher >> suites do not preserve forward secrecy and are rarely used in practice. See >> the CSR for more details and rationale. >> >> Users will still be able to enable the suites (at their own risk) by >> removing "ECDH" from the `jdk.tls.disabledAlgorithms` security property. > > Sean Mullan has updated the pull request with a new target base due to a > merge or a rebase. The incremental webrev excludes the unrelated changes > brought in by the merge/rebase. The pull request contains two additional > commits since the last revision: > > - Merge > - Initial revision. LGTM other than the typos. test/jdk/javax/net/ssl/sanity/ciphersuites/CheckCipherSuites.java line 85: > 83: "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256", > 84: > 85: // AES_256(GCM) - not forward screcy Can you please fix the rest of the"screcy" typos in this file? ------------- Marked as reviewed by wetmore (Reviewer). PR: https://git.openjdk.org/jdk/pull/10969