Security Changes JDK8

1. Client-side TLS 1.2 enabled by default
2.  
3. New variant of AccessController.doPrivileged that enables code to assert a subset of its privileges, without preventing the full traversal of the stack to check for other permissions
4.  
5. Stronger algorithms for password-based encryption
6.  
7. SSL/TLS Server Name Indication (SNI) Extension support in JSSE Server
8.  
9. Support for AEAD algorithms: The SunJCE provider is enhanced to support AES/GCM/NoPadding cipher implementation as well as GCM algorithm parameters. And the SunJSSE provider is enhanced to support AEAD mode based cipher suites. See Oracle Providers Documentation, JEP 115.
10.  
11. KeyStore enhancements, including the new Domain KeyStore type java.security.DomainLoadStoreParameter, and the new command option -importpassword for the keytool utility
12.  
13. SHA-224 Message Digests
14.  
15. Enhanced Support for NSA Suite B Cryptography
16.  
17. Better Support for High Entropy Random Number Generation
18.  
19. New java.security.cert.PKIXRevocationChecker class for configuring revocation checking of X.509 certificates
20.  
21. 64-bit PKCS11 for Windows
22.  
23. New rcache Types in Kerberos 5 Replay Caching
24.  
25. Support for Kerberos 5 Protocol Transition and Constrained Delegation
26.  
27. Kerberos 5 weak encryption types disabled by default
28.  
29. Unbound SASL for the GSS-API/Kerberos 5 mechanism
30.  
31. SASL service for multiple host names
32.  
33. JNI bridge to native JGSS on Mac OS X
34.  
35. Support for stronger strength ephemeral DH keys in the SunJSSE provider
36.  
37. Support for server-side cipher suites preference customization in JSSE