qpid-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ASF subversion and git services (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (QPID-7113) [Java Broker] Add ability to select cipher suite during TLS negotiation based on Broker side cipher suite order
Date Wed, 09 Mar 2016 16:12:40 GMT

    [ https://issues.apache.org/jira/browse/QPID-7113?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15187318#comment-15187318
] 

ASF subversion and git services commented on QPID-7113:
-------------------------------------------------------

Commit 1734283 from [~godfrer] in branch 'java/trunk'
[ https://svn.apache.org/r1734283 ]

QPID-7113 : When using Java 8, if the cipher suite white list is set then set broker to use
the cipher suite order for preference

> [Java Broker] Add ability to select cipher suite during TLS negotiation based on Broker
side cipher suite order
> ---------------------------------------------------------------------------------------------------------------
>
>                 Key: QPID-7113
>                 URL: https://issues.apache.org/jira/browse/QPID-7113
>             Project: Qpid
>          Issue Type: Improvement
>          Components: Java Broker
>            Reporter: Alex Rudyy
>             Fix For: qpid-java-6.1
>
>
> During TLS handshaking, the client requests to negotiate a cipher suite from a list of
cryptographic options that it supports, starting with its first preference. Then, the server
selects a single cipher suite from the list of cipher suites requested by the client. Normally,
the selection honors the client's preference. 
> Broker should be able to select cipher suites based on its own preference rather than
the client's preference in order to mitigate the risks of using weak cipher suites.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
For additional commands, e-mail: dev-help@qpid.apache.org


Mime
View raw message