ArloL/gist:69d40f1fd21cf1749986

## gistfile1.txt
server2:/opt # diff jdk1.8.0_60/jre/lib/security/java.security jdk1.8.0_66/jre/lib/security/java.security
591a592,648
>
> # The pre-defined default finite field Diffie-Hellman ephemeral (DHE)
> # parameters for Transport Layer Security (SSL/TLS/DTLS) processing.
> #
> # In traditional SSL/TLS/DTLS connections where finite field DHE parameters
> # negotiation mechanism is not used, the server offers the client group
> # parameters, base generator g and prime modulus p, for DHE key exchange.
> # It is recommended to use dynamic group parameters.  This property defines
> # a mechanism that allows you to specify custom group parameters.
> #
> # The syntax of this property string is described as this Java BNF-style:
> #   DefaultDHEParameters:
> #       DefinedDHEParameters { , DefinedDHEParameters }
> #
> #   DefinedDHEParameters:
> #       "{" DHEPrimeModulus , DHEBaseGenerator "}"
> #
> #   DHEPrimeModulus:
> #       HexadecimalDigits
> #
> #   DHEBaseGenerator:
> #       HexadecimalDigits
> #
> #   HexadecimalDigits:
> #       HexadecimalDigit { HexadecimalDigit }
> #
> #   HexadecimalDigit: one of
> #       0 1 2 3 4 5 6 7 8 9 A B C D E F a b c d e f
> #
> # Whitespace characters are ignored.
> #
> # The "DefinedDHEParameters" defines the custom group parameters, prime
> # modulus p and base generator g, for a particular size of prime modulus p.
> # The "DHEPrimeModulus" defines the hexadecimal prime modulus p, and the
> # "DHEBaseGenerator" defines the hexadecimal base generator g of a group
> # parameter.  It is recommended to use safe primes for the custom group
> # parameters.
> #
> # If this property is not defined or the value is empty, the underlying JSSE
> # provider's default group parameter is used for each connection.
> #
> # If the property value does not follow the grammar, or a particular group
> # parameter is not valid, the connection will fall back and use the
> # underlying JSSE provider's default group parameter.
> #
> # Note: This property is currently used by OpenJDK's JSSE implementation. It
> # is not guaranteed to be examined and used by other implementations.
> #
> # Example:
> #   jdk.tls.server.defaultDHEParameters=
> #       { \
> #       FFFFFFFF FFFFFFFF C90FDAA2 2168C234 C4C6628B 80DC1CD1 \
> #       29024E08 8A67CC74 020BBEA6 3B139B22 514A0879 8E3404DD \
> #       EF9519B3 CD3A431B 302B0A6D F25F1437 4FE1356D 6D51C245 \
> #       E485B576 625E7EC6 F44C42E9 A637ED6B 0BFF5CB6 F406B7ED \
> #       EE386BFB 5A899FA5 AE9F2411 7C4B1FE6 49286651 ECE65381 \
> #       FFFFFFFF FFFFFFFF, 2}
	server2:/opt # diff jdk1.8.0_60/jre/lib/security/java.security jdk1.8.0_66/jre/lib/security/java.security
	591a592,648
	>
	> # The pre-defined default finite field Diffie-Hellman ephemeral (DHE)
	> # parameters for Transport Layer Security (SSL/TLS/DTLS) processing.
	> #
	> # In traditional SSL/TLS/DTLS connections where finite field DHE parameters
	> # negotiation mechanism is not used, the server offers the client group
	> # parameters, base generator g and prime modulus p, for DHE key exchange.
	> # It is recommended to use dynamic group parameters. This property defines
	> # a mechanism that allows you to specify custom group parameters.
	> #
	> # The syntax of this property string is described as this Java BNF-style:
	> # DefaultDHEParameters:
	> # DefinedDHEParameters { , DefinedDHEParameters }
	> #
	> # DefinedDHEParameters:
	> # "{" DHEPrimeModulus , DHEBaseGenerator "}"
	> #
	> # DHEPrimeModulus:
	> # HexadecimalDigits
	> #
	> # DHEBaseGenerator:
	> # HexadecimalDigits
	> #
	> # HexadecimalDigits:
	> # HexadecimalDigit { HexadecimalDigit }
	> #
	> # HexadecimalDigit: one of
	> # 0 1 2 3 4 5 6 7 8 9 A B C D E F a b c d e f
	> #
	> # Whitespace characters are ignored.
	> #
	> # The "DefinedDHEParameters" defines the custom group parameters, prime
	> # modulus p and base generator g, for a particular size of prime modulus p.
	> # The "DHEPrimeModulus" defines the hexadecimal prime modulus p, and the
	> # "DHEBaseGenerator" defines the hexadecimal base generator g of a group
	> # parameter. It is recommended to use safe primes for the custom group
	> # parameters.
	> #
	> # If this property is not defined or the value is empty, the underlying JSSE
	> # provider's default group parameter is used for each connection.
	> #
	> # If the property value does not follow the grammar, or a particular group
	> # parameter is not valid, the connection will fall back and use the
	> # underlying JSSE provider's default group parameter.
	> #
	> # Note: This property is currently used by OpenJDK's JSSE implementation. It
	> # is not guaranteed to be examined and used by other implementations.
	> #
	> # Example:
	> # jdk.tls.server.defaultDHEParameters=
	> # { \
	> # FFFFFFFF FFFFFFFF C90FDAA2 2168C234 C4C6628B 80DC1CD1 \
	> # 29024E08 8A67CC74 020BBEA6 3B139B22 514A0879 8E3404DD \
	> # EF9519B3 CD3A431B 302B0A6D F25F1437 4FE1356D 6D51C245 \
	> # E485B576 625E7EC6 F44C42E9 A637ED6B 0BFF5CB6 F406B7ED \
	> # EE386BFB 5A899FA5 AE9F2411 7C4B1FE6 49286651 ECE65381 \
	> # FFFFFFFF FFFFFFFF, 2}