On Tue, 13 Jan 2026 10:59:39 GMT, Daniel Jeliński <[email protected]> wrote:
>> SunJSSE should not probe SHA1withECDSA signature availably when determining >> if elliptic curve cryptography is available, as it is deprecated and not >> required for ECDHE and ECDSA signature schemes. This change removes >> SHA1withECDSA from the EC availability probe. TLS signature scheme >> availability is validated later during handshake negotiation. > > LGTM. > > SHA1withECDSA (`SIGNATURE_ECDSA`) is required for ECDHE_ECDSA in TLS 1.1 and > older. Starting with TLS 1.2, there are several hash algorithms available to > choose from, and SHA1 is no longer required. @djelinski @ascarpino Thanks for the review! ------------- PR Comment: https://git.openjdk.org/jdk/pull/29184#issuecomment-3781207248
