Issue JDK-4873188 [1] asked for TLS 1.1 support for OpenJDK 1.4, 5, 6, and 7. It was implemented for OpenJDK 7 [2] and recently backported to 6 [3].
An issue to add TLS 1.2 support to OpenJDK 1.4, 5, and 6 was tracked by JDK-6916074 [4], but support for it was only added for OpenJDK 7 [5]. It is not clear at this time if TLS 1.2 is supported by OpenJDK 6. The TLS 1.1 backport [3] seems to have integrated TLS 1.2 support code (but with a seemly hard-coded max for TLS 1.1) and a fix for a TLS 1.2 bug was recently incorporated [6] which includes a test for "SSLv3", "TLSv1", "TLSv1.1", and "TLSv1.2". JDK-7093640 [7] tracked the effort to enable TLS 1.2 by default for OpenJDK 7 and 8, but was only enabled for OpenJDK 8 [8] and 9 [9]. The rationale at the time [see 7] was to keep it disabled for OpenJDK 7 due to existing "version intolerant" servers - ie. "TLS server deployments that do not accept higher TLS version numbers, which is generally version TLS v1.0". As for RC4, disabling it was originally reported in JDK-8076221 [10] and executed by S8043202. For OpenJDK 7, that change was integrated into IcedTea 2.5 JDK forest [11] and released in 2.5.6 [12] and 2.6.1 [13]. OpenJDK 6 got it in IcedTea 1.13.8 release [14]. References: [1] https://bugs.openjdk.java.net/browse/JDK-4873188 [2] http://hg.openjdk.java.net/jdk7/jdk7/jdk/rev/93cd7e89adb8 [3] http://hg.openjdk.java.net/jdk6/jdk6/jdk/rev/0ddb5d39438d [4] https://bugs.openjdk.java.net/browse/JDK-6916074 [5] http://hg.openjdk.java.net/jdk7u/jdk7u/jdk/rev/9d6a9f65d2bf [6] http://hg.openjdk.java.net/jdk6/jdk6/jdk/rev/042e39055298 [7] https://bugs.openjdk.java.net/browse/JDK-7093640 [8] https://bugs.openjdk.java.net/browse/JDK-8031273 [9] https://bugs.openjdk.java.net/browse/JDK-8030791 [10] https://bugs.openjdk.java.net/browse/JDK-8076221 [11] http://icedtea.classpath.org/hg/release/icedtea7-forest-2.5/jdk/rev/0982455b2f4d [12] http://blog.fuseyism.com/index.php/2015/07/23/security-icedtea-2-5-6-for-openjdk-7-released/ [13] http://blog.fuseyism.com/index.php/2015/07/21/security-icedtea-2-6-1-for-openjdk-7-released/ [14] http://blog.fuseyism.com/index.php/2015/07/30/security-icedtea-1-13-8-for-openjdk-6-released/ -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1482924 Title: Regressions due to USN-2696-1 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openjdk-6/+bug/1482924/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
