On Tue, 1 Apr 2025 20:53:01 GMT, Artur Barashev <abaras...@openjdk.org> wrote:
> Disable SHA-1 in TLS/DTLS 1.2 handshake signatures (but not in certificate > signatures). > https://www.rfc-editor.org/rfc/rfc9155.html > > Also fixing a little TLSv1.3 spec violation bug: ECDSA_SHA1 should not be > allowed for handshake signatures in TLSv1.3. This pull request has now been integrated. Changeset: dfa79c37 Author: Artur Barashev <abaras...@openjdk.org> Committer: Sean Mullan <mul...@openjdk.org> URL: https://git.openjdk.org/jdk/commit/dfa79c373097d17a347b7c17103c57e12f59dc67 Stats: 249 lines in 5 files changed: 246 ins; 0 del; 3 mod 8340321: Disable SHA-1 in TLS/DTLS 1.2 handshake signatures Reviewed-by: mullan ------------- PR: https://git.openjdk.org/jdk/pull/24367
