Oracle JRE and JDK Cryptographic Roadmap

Last updated on

The following information represents Oracle's plans for changes to the security algorithms and associated policies/settings in the Oracle Java Runtime Environment (JRE) and Java SE Development Kit (JDK).

The information on this site is intended for releases currently supported by Oracle (as described in the Java SE Support Roadmap) and Early Access releases when applicable. The Oracle JRE/JDK have a pluggable security architecture, which allows for the use of third-party security providers. The information provided in this roadmap only applies to the security providers shipped by Oracle in the Oracle JRE and JDK. It does not apply to third-party security providers.

These notices cover changes on update releases. New feature releases may implement new security algorithms or use different default settings than previously released versions. Information on changes delivered with new feature releases, including changes in cryptography, can be found on the release notes. However, for some notable exceptions, this site may include notices about changes in a future release or even early access versions.


The information below is a summary of Oracle’s current plans. It is intended to provide general information to the public. This roadmap can change with little or no warning, though Oracle will attempt to provide advance notice about these changes. In some instances, it is possible that required changes will be published only after a given JRE/JDK release.

Planned changes (1)

The changes announced on this roadmap reflect Oracle's minimum recommendations for production environments. Oracle encourages users to proactively test/enable these changes before they are enabled by default in the JRE and JDK. Note that the chart below links to technical instructions on how to test or revert the changes in the security algorithms and associated policies/settings in the JRE and JDK.

Targeted Date(2) Targeted Release(s)
Algorithm/Protocol Action Additional Information Change Log

  1. Information subject to change.
  2. Dates will be updated, either more precision added, delayed, or brought in, as more details become available. Q1, Q2, Q3 and Q4 refer to the calendar quarters. H1 and H2 refer to the first or second half of the year.
  3. Whichever is the current release at the time of the change.

Released Changes

Release Date Release(s) Affected Algorithm/Protocol Action Additional Information Change Log

As of 2017-03-06 the term SSL/TLS, where it was used to refer to Secure Transport, has been changed to TLS.

More details on releases changes

For further details on changes, please refer to the release notes for the affected releases.

Privacy  | Terms of Use | Trademarks | Feedback