[JAVA-3505] Disable TLS renegotiation when possible Created: 05/Nov/19  Updated: 27/Oct/23  Resolved: 11/Nov/19

Status: Closed
Project: Java Driver
Component/s: Connection Management
Affects Version/s: None
Fix Version/s: None

Type: Improvement Priority: Major - P3
Reporter: PM Bot Assignee: Jeffrey Yemin
Resolution: Works as Designed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Depends
is depended on by DRIVERS-580 Disable TLS renegotiation when possible Implementing

 Description   

See DRIVERS-580 for details.



 Comments   
Comment by Jeffrey Yemin [ 11/Nov/19 ]

See https://www.oracle.com/technetwork/java/javase/documentation/tlsreadme2-176330.html for a description of TLS renegotiation in JSSE. In short, the renegotiation is controlled by global system properties, and the default value is secure.

Comment by Jeffrey Yemin [ 11/Nov/19 ]

Probably nothing to do here since all TLS-related configuration in the JVM is typically either with a global system property or a custom SSLContext provided to the driver by the application.

Generated at Thu Feb 08 08:59:46 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.