[QPID-7113] [Java Broker] Add ability to select cipher suite during TLS negotiation based on Broker side cipher suite order - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: qpid-java-6.1
Component/s: Broker-J
Labels:
None

Description

During TLS handshaking, the client requests to negotiate a cipher suite from a list of cryptographic options that it supports, starting with its first preference. Then, the server selects a single cipher suite from the list of cipher suites requested by the client. Normally, the selection honors the client's preference.

Broker should be able to select cipher suites based on its own preference rather than the client's preference in order to mitigate the risks of using weak cipher suites.

Attachments

Activity

People

Assignee:: Unassigned

Reporter:: Alex Rudyy

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 26/Feb/16 16:52

Updated:: 17/Nov/16 13:05

Resolved:: 11/Mar/16 13:15