8151856: Note that disabledAlgorithms override the same algorithms of legacyAlgorithms
authorxuelei
Wed, 18 May 2016 22:55:35 +0000 (2016-05-18)
changeset 38419 5201cc2ca81d
parent 38418 85a39dd50bb5
child 38420 bd42ddec1aaa
8151856: Note that disabledAlgorithms override the same algorithms of legacyAlgorithms Reviewed-by: mullan, weijun
jdk/src/java.base/share/conf/security/java.security
--- a/jdk/src/java.base/share/conf/security/java.security	Wed May 18 21:00:33 2016 +0200
+++ b/jdk/src/java.base/share/conf/security/java.security	Wed May 18 22:55:35 2016 +0000
@@ -713,6 +713,12 @@
 # See SSL/TLS specifications and "Java Cryptography Architecture Standard
 # Algorithm Name Documentation" for information about the algorithm names.
 #
+# Note: If a legacy algorithm is also restricted through the
+# jdk.tls.disabledAlgorithms property or the
+# java.security.AlgorithmConstraints API (See
+# javax.net.ssl.SSLParameters.setAlgorithmConstraints()),
+# then the algorithm is completely disabled and will not be negotiated.
+#
 # Note: This property is currently used by Oracle's JSSE implementation.
 # It is not guaranteed to be examined and used by other implementations.
 # There is no guarantee the property will continue to exist or be of the