Open bhushan5640 opened 6 years ago
I think the simulation should be limited to the last publicly available release.
Could you also add a simulation for Java 9? I'm not sure if something may changed to Java 8.
I'd also like to see a simulation for Unlimited Strength Java(TM) Cryptography Extension Policy Files. I more and more get issues where others tell me to install this as they are upgrading to incompatible server configurations that lock out standard Java 8 clients.
I just found out that there are SSL result differences between 8.0.44 and 8.0.161. The connection fails with 8.0.44, but does not with 8.0.161. The site you can test with is https://media.leisure-group.net/
Ok, per java 8.0.161 release notes http://www.oracle.com/technetwork/java/javase/8u161-relnotes-4021379.html they enabled Unlimited cryptography by default. So we really need a new run with 8.0.161.
security-libs/javax.crypto Unlimited cryptography enabled by default The JDK uses the Java Cryptography Extension (JCE) Jurisdiction Policy files to configure cryptographic algorithm restrictions. Previously, the Policy files in the JDK placed limits on various algorithms. This release ships with both the limited and unlimited jurisdiction policy files, with unlimited being the default. The behavior can be controlled via the new 'crypto.policy' Security property found in the /lib/java.security file. Please refer to that file for more information on this property.
Currently, the baseline versions of Java Clients included in the Handshake simulation is very old and may give sites an incorrect assessment of what protocols are required to support clients. This could lead sites to retain RSA key exchange and 3DES longer than actually necessary.
2017-01-17 - 8u121 b13, 7u131 b12, 6u141 b12, R28.3.13
2016-04-29 6u115 b32
2016-01-19 6u111 b12 TLS 1.11
-brihow