[
https://issues.apache.org/jira/browse/DERBY-6768?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14223879#comment-14223879
]
Myrna van Lunteren commented on DERBY-6768:
-------------------------------------------
I think the new line is pretty self-explanatory - especially as the message
will only follow messages showing that the server is an SSL enabled one
(DRDA_EnabledProtocols and DRDA_SSLClientAuthReady), not any other situation.
Now that I look at this again, perhaps we could change it to 'Enabled TLS/SSL
Protocols are..', but I think it is good enough as is.
I think it's fine to backport without further documentation.
Normally we don't backport improvements, but I think in this case that too is
acceptable (even desirable because of poodle) - even if someone has written a
program to check derby.log for the expected message it will be ok because the
original messages are still there...
> List the enabled protocols in derby.log for network server configuration
> ------------------------------------------------------------------------
>
> Key: DERBY-6768
> URL: https://issues.apache.org/jira/browse/DERBY-6768
> Project: Derby
> Issue Type: Improvement
> Components: Network Server
> Affects Versions: 10.12.0.0
> Reporter: Mamta A. Satoor
> Assignee: Mamta A. Satoor
> Fix For: 10.12.0.0
>
> Attachments: DERBY-6768_patch1_diff.txt
>
>
> DERBY-6764 is the result of poodle security alert in SSLv3 and SSLv2Hello
> protocols. For future, it will be good to know the protocols that are enabled
> on the server side so it is easier to know if the product may be impacted by
> a security issue with any specific protocol. To achieve this, at the server
> boot up time, we should list these enabled protocols in derby.log
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
