[11u] RFR: 8233228: Disable weak named curves by default in TLS, CertPath, and Signed JAR
aph at redhat.com
Wed Jun 3 08:29:46 UTC 2020
On 02/06/2020 16:59, Lindenmaier, Goetz wrote:
> Please review.
My God, what a mess elliptic-curve cryptography can be when used in
the real world!  It makes me yearn for the good old simplicity of
RSA, and reminds us all how easy it is to be tempted by the call of
"efficient" public-key cryptography.
Andrew Haley (he/him)
Java Platform Lead Engineer
Red Hat UK Ltd. <https://www.redhat.com>
EAC8 43EB D3EF DB98 CC77 2FAD A5CD 6035 332F A671
More information about the jdk-updates-dev