For PCI compliance we are supposed to address the SSL BEAST attack by
prioritizing SSL cipher suites.
Any clue how to do that with JSSE? We are using JSSE because we run Resin
uncompiled. Am I correct in thinking that in order to run OpenSSL we HAVE
to compile Resin? Or is there a way to make it work running uncompiled? If
so, we can prioritize the cipher suites with OpenSSL, correct?
resin-interest mailing list