svn commit: r1153423 - in /tomcat/trunk/webapps/docs: changelog.xml security-howto.xml

Wed, 03 Aug 2011 03:37:26 -0700 

Author: markt
Date: Wed Aug  3 10:36:33 2011
New Revision: 1153423

URL: http://svn.apache.org/viewvc?rev=1153423&view=rev
Log:
Add info on ciphers

Modified:
    tomcat/trunk/webapps/docs/changelog.xml
    tomcat/trunk/webapps/docs/security-howto.xml

Modified: tomcat/trunk/webapps/docs/changelog.xml
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1153423&r1=1153422&r2=1153423&view=diff
==============================================================================
--- tomcat/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/trunk/webapps/docs/changelog.xml Wed Aug  3 10:36:33 2011
@@ -217,6 +217,10 @@
       <update>
         Improve class loading documentation. (kkolinko)
       </update>
+      <add>
+        Add information to the security page of the the documentation web
+        application for the ciphers attribute of the Connector element. (markt)
+      </add>
     </changelog>
   </subsection>
   <subsection name="Other">

Modified: tomcat/trunk/webapps/docs/security-howto.xml
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/security-howto.xml?rev=1153423&r1=1153422&r2=1153423&view=diff
==============================================================================
--- tomcat/trunk/webapps/docs/security-howto.xml (original)
+++ tomcat/trunk/webapps/docs/security-howto.xml Wed Aug  3 10:36:33 2011
@@ -187,6 +187,12 @@
       proxy uses AJP then the SSL attributes of the client connection are
       passed via the AJP protocol and separate connectors are not needed.</p>
       
+      <p>The <strong>ciphers</strong> attribute controls the ciphers used for
+      SSL connections. By default, the default ciphers for the JVM will be 
used.
+      This usually means that the weak export grade ciphers will be included in
+      the list of available ciphers. Secure environments will normally want to
+      configure a more limited set of ciphers.</p>
+      
       <p>The <strong>tomcatAuthentication</strong> attribute is used with the
       AJP connectors to determine if Tomcat should authenticate the user or if
       authentication can be delegated to the reverse proxy that will then pass



---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to