https://issues.apache.org/bugzilla/show_bug.cgi?id=53394
--- Comment #2 from Michael Osipov <[email protected]> --- (In reply to comment #1) > This is a Tomcat 6 specific issue which still includes SSLv2 by default. > > The use of SSLv2 and that it is inherently unsafe is clearly indicated in > the documentation for the APR connector. I am aware of the documention but I am absolute sure that most people leave it to the defaults. My naivety lead me to that too. :-( -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
