https://issues.apache.org/bugzilla/show_bug.cgi?id=51056
Summary: Disable / drop support for SSLv2 Product: Tomcat Native Version: 1.1.20 Platform: PC OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: Library AssignedTo: dev@tomcat.apache.org ReportedBy: draz...@drazzib.com Hi, SSL 2.0 support got removed from many Debian GNU/Linux (and many others linux distro) and SSL 2.0 is disabled by default in Internet Explorer 7, Mozilla Firefox 3, Opera and Safari. It's use has been deprecated, because of weaknesses in the security of the protocol. For exemple, http://www.openssl.org/news/secadv_20051011.txt I propose to simply drop any support for SSLv2 in Tomcat Native lib with the attached patch. -- Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org