changeset 16480:13dc4460ec4a

8151856: Note that disabledAlgorithms override the same algorithms of legacyAlgorithms Reviewed-by: mullan, weijun
author xuelei
date Wed, 18 May 2016 22:55:35 +0000
parents 6b5c8b0f6b74
children eb272e1c31b7
files src/java.base/share/conf/security/java.security
diffstat 1 files changed, 6 insertions(+), 0 deletions(-) [+]
line wrap: on
line diff
--- a/src/java.base/share/conf/security/java.security	Wed May 18 21:00:33 2016 +0200
+++ b/src/java.base/share/conf/security/java.security	Wed May 18 22:55:35 2016 +0000
@@ -713,6 +713,12 @@
 # See SSL/TLS specifications and "Java Cryptography Architecture Standard
 # Algorithm Name Documentation" for information about the algorithm names.
 #
+# Note: If a legacy algorithm is also restricted through the
+# jdk.tls.disabledAlgorithms property or the
+# java.security.AlgorithmConstraints API (See
+# javax.net.ssl.SSLParameters.setAlgorithmConstraints()),
+# then the algorithm is completely disabled and will not be negotiated.
+#
 # Note: This property is currently used by Oracle's JSSE implementation.
 # It is not guaranteed to be examined and used by other implementations.
 # There is no guarantee the property will continue to exist or be of the