Last updated on
The following information represents Oracle's plans for changes to the security algorithms and associated policies/settings in the Oracle Java Runtime Environment (JRE) and Java SE Development Kit (JDK).
The information on this site is intended for releases currently supported by Oracle (as described in the Java SE Support Roadmap) and Early Access releases when applicable. The Oracle JRE/JDK have a pluggable security architecture, which allows for the use of third-party security providers. The information provided in this roadmap only applies to the security providers shipped by Oracle in the Oracle JRE and JDK. It does not apply to third-party security providers.
These notices cover changes on update releases. New feature releases may implement new security algorithms or use different default settings than previously released versions. Information on changes delivered with new feature releases, including changes in cryptography, can be found on the release notes. However, for some notable exceptions, this site may include notices about changes in a future release or even early access versions.
The information below is a summary of Oracle’s current plans.
It is intended to provide general information to the public.
This roadmap can change with little or no warning, though
Oracle will attempt to provide advance notice about these
changes. In some instances, it is possible that required
changes will be published only after a given JRE/JDK release.
The changes announced on this roadmap reflect Oracle's minimum recommendations for production environments. Oracle encourages users to proactively test/enable these changes before they are enabled by default in the JRE and JDK. Note that the chart below links to technical instructions on how to test or revert the changes in the security algorithms and associated policies/settings in the JRE and JDK.
|Targeted Date(2)||Targeted Release(s)
||Algorithm/Protocol||Action||Additional Information||Change Log|
|Release Date||Release(s) Affected||Algorithm/Protocol||Action||Additional Information||Change Log|
As of 2017-03-06 the term SSL/TLS, where it was used to
refer to Secure Transport, has been changed to TLS.
For further details on changes, please refer to the release notes for the affected releases.