https://bz.apache.org/bugzilla/show_bug.cgi?id=64409
--- Comment #4 from Christopher Schultz <ch...@christopherschultz.net> ---
Yes, this is actually INVALID as it reports a bug that is not there, rather
than a bug that is there that we don't think is a bug.
Calling SSLContext.getInstance("TLSv1.3") won't make a bit of difference except
under very specific circumstances. For most environments, this would
immediately cause an exception to be thrown because TLSv1.3 isn't supported
until Java 11 which isn't yet widely-deployed.
However, there is room for improvement for TokenStreamProvider by allowing
customization of the TLS protocols and cipher suites. That would be an
enhancement request, though, IMO.
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
