New JEP Draft for review: "Disable SHA-1 Certificates"

Sean Mullan sean.mullan at
Tue Apr 5 12:28:19 UTC 2016

We are seeking feedback on a new JEP Draft ("Disable SHA-1 Certificates) 
that is initially targeted to JDK 9:

The goal of the JEP is to improve the default security configuration of 
the JDK by disabling X.509 certificate chains with SHA-1 based signatures.

Backports to earlier releases will be targeted at a later date after 
more communication, discussion and testing.


More information about the security-dev mailing list