ottoka edited a comment on pull request #750: URL: https://github.com/apache/james-project/pull/750#issuecomment-975650330
> My recommendation is to have the Encryption.getContext method applying the cypher suite and client auth extra configuration before returning it to the caller, thus the caller can safely be ignorant to these details. Ideally, getting read of the getters on cyphers and client auth should also be possible. (I would highly welcome such a refactoring) Thing is, you have to apply cipher suites and client auth to the final SSLEngine or SSLSocket, not the SSLContext from which they are created (as I already said, its a weird API). I could wire the client auth setting through to `IMAPServer` and `ManageSieveServer` though, as it already is with cipher suites. Alternatively, maybe introduce `Encryption.createSSLEngine()` (which applies the settings), and pass the Encryption object wherever we have context+ciphers now. Any thoughts? -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
