You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@qpid.apache.org by "Alex Rudyy (JIRA)" <ji...@apache.org> on 2016/02/26 17:53:18 UTC

[jira] [Created] (QPID-7113) [Java Broker] Add ability to use Broker side cipher suite ordering during TLS negotiation

Alex Rudyy created QPID-7113:
--------------------------------

             Summary: [Java Broker] Add ability to use Broker side cipher suite ordering during TLS negotiation
                 Key: QPID-7113
                 URL: https://issues.apache.org/jira/browse/QPID-7113
             Project: Qpid
          Issue Type: Improvement
          Components: Java Broker
            Reporter: Alex Rudyy


During TLS handshaking, the client requests to negotiate a cipher suite from a list of cryptographic options that it supports, starting with its first preference. Then, the server selects a single cipher suite from the list of cipher suites requested by the client. Normally, the selection honors the client's preference. 

Broker should be able to select cipher suites based on its own preference rather than the client's preference in order to mitigate the risks of using weak cipher suites.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
For additional commands, e-mail: dev-help@qpid.apache.org