On 22/03/2016 07:37, violet...@apache.org wrote:
> Author: violetagg
> Date: Tue Mar 22 07:37:21 2016
> New Revision: 1736145
>
> URL: http://svn.apache.org/viewvc?rev=1736145&view=rev
> Log:
> Remove honorCipherOrder="false" from the server.xml.
> When the block is uncommented the implementation will use the default which
> is honorCipherOrder="true"
> Patch provided by Huxing Zhang

I'm not sure this is entirely the right approach.

honorCipherOrder was more necessary a few years ago when servers supported
weak ciphers and clients asked for them early in the priority list. The TLS
landscape has changed a lot since then.

I think we can make the default for honorCipherOrder false.

Mark
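
Added example, not part of the original message and not Tomcat code: a simplified model of the cipher suite selection rule that honorCipherOrder switches between, run against a server that still enables weak suites and one that does not. The suite lists, the WEAK set and all function names are constructed for illustration and are not Tomcat defaults.

```python
# Simplified model of TLS cipher suite selection (illustration only).
# All suite lists below are constructed sample data, not Tomcat defaults.

WEAK = {"TLS_RSA_WITH_RC4_128_MD5", "TLS_RSA_WITH_3DES_EDE_CBC_SHA"}

def select_suite(client_prefs, server_prefs, honor_cipher_order):
    """Return the negotiated suite, or None if the lists do not overlap.

    honor_cipher_order=True  -> walk the server's list (server preference)
    honor_cipher_order=False -> walk the client's list (client preference)
    """
    primary, secondary = (
        (server_prefs, client_prefs) if honor_cipher_order
        else (client_prefs, server_prefs)
    )
    allowed = set(secondary)
    for suite in primary:
        if suite in allowed:
            return suite
    return None

# Constructed: an older client that lists a weak suite first.
LEGACY_CLIENT = [
    "TLS_RSA_WITH_RC4_128_MD5",
    "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
]
# Constructed: a server that still enables weak suites, strongest first.
LEGACY_SERVER = [
    "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
    "TLS_RSA_WITH_3DES_EDE_CBC_SHA",
    "TLS_RSA_WITH_RC4_128_MD5",
]
# Constructed: a server with no weak suites enabled at all.
MODERN_SERVER = [
    "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
    "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
]

def outcomes(client, server):
    """Map each honorCipherOrder setting to (negotiated suite, is_weak)."""
    result = {}
    for honor in (True, False):
        suite = select_suite(client, server, honor)
        result[honor] = (suite, suite in WEAK)
    return result

if __name__ == "__main__":
    for name, server in (("legacy", LEGACY_SERVER), ("modern", MODERN_SERVER)):
        for honor, (suite, weak) in outcomes(LEGACY_CLIENT, server).items():
            print(f"{name} server honorCipherOrder={honor}: {suite} weak={weak}")
```

In this model the setting changes the outcome only while the server's enabled list still contains weak suites; once they are removed, both settings negotiate a strong suite.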