[jira] [Updated] (GERONIMO-6793) Do not auto-enable all available Cyphers in TLS/SSL protocol handling in MailConnection
[ https://issues.apache.org/jira/browse/GERONIMO-6793?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Francois Papon updated GERONIMO-6793: - Fix Version/s: Javamail_1.6_1.0.1 > Do not auto-enable all available Cyphers in TLS/SSL protocol handling in > MailConnection > --- > > Key: GERONIMO-6793 > URL: https://issues.apache.org/jira/browse/GERONIMO-6793 > Project: Geronimo > Issue Type: Improvement > Security Level: public(Regular issues) > Components: mail >Reporter: Richard Zowalla >Priority: Major > Fix For: Javamail_1.6_1.0.1 > > Attachments: GERONIMO-6793.diff > > > Check and discuss, if it is a good idea to enable all cyphers in TLS/SSL > protocol handling in MailConnection.java > Some cyphers are deprecated for good reasons and shouldn't be used. > This enhancement might possibily include > * Allow users to specifiy cyphers via properties (custom factory is already > possible) > * If we have no user defined cyphers available, fallback to the JVMs default > cyphers. > > This is a follow up issue raised from the discussion on the dev mailing list, > see > http://mail-archives.apache.org/mod_mbox/geronimo-dev/202012.mbox/%3C096fbb867eda8e090eddf80fbd81cf787ac87945.camel%40hs-heilbronn.de%3E -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Updated] (GERONIMO-6793) Do not auto-enable all available Cyphers in TLS/SSL protocol handling in MailConnection
[ https://issues.apache.org/jira/browse/GERONIMO-6793?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Richard Zowalla updated GERONIMO-6793: -- Attachment: (was: GERONIMO-6793.diff) > Do not auto-enable all available Cyphers in TLS/SSL protocol handling in > MailConnection > --- > > Key: GERONIMO-6793 > URL: https://issues.apache.org/jira/browse/GERONIMO-6793 > Project: Geronimo > Issue Type: Improvement > Security Level: public(Regular issues) > Components: mail >Reporter: Richard Zowalla >Priority: Major > Attachments: GERONIMO-6793.diff > > > Check and discuss, if it is a good idea to enable all cyphers in TLS/SSL > protocol handling in MailConnection.java > Some cyphers are deprecated for good reasons and shouldn't be used. > This enhancement might possibily include > * Allow users to specifiy cyphers via properties (custom factory is already > possible) > * If we have no user defined cyphers available, fallback to the JVMs default > cyphers. > > This is a follow up issue raised from the discussion on the dev mailing list, > see > http://mail-archives.apache.org/mod_mbox/geronimo-dev/202012.mbox/%3C096fbb867eda8e090eddf80fbd81cf787ac87945.camel%40hs-heilbronn.de%3E -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Updated] (GERONIMO-6793) Do not auto-enable all available Cyphers in TLS/SSL protocol handling in MailConnection
[ https://issues.apache.org/jira/browse/GERONIMO-6793?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Richard Zowalla updated GERONIMO-6793: -- Attachment: GERONIMO-6793.diff > Do not auto-enable all available Cyphers in TLS/SSL protocol handling in > MailConnection > --- > > Key: GERONIMO-6793 > URL: https://issues.apache.org/jira/browse/GERONIMO-6793 > Project: Geronimo > Issue Type: Improvement > Security Level: public(Regular issues) > Components: mail >Reporter: Richard Zowalla >Priority: Major > Attachments: GERONIMO-6793.diff > > > Check and discuss, if it is a good idea to enable all cyphers in TLS/SSL > protocol handling in MailConnection.java > Some cyphers are deprecated for good reasons and shouldn't be used. > This enhancement might possibily include > * Allow users to specifiy cyphers via properties (custom factory is already > possible) > * If we have no user defined cyphers available, fallback to the JVMs default > cyphers. > > This is a follow up issue raised from the discussion on the dev mailing list, > see > http://mail-archives.apache.org/mod_mbox/geronimo-dev/202012.mbox/%3C096fbb867eda8e090eddf80fbd81cf787ac87945.camel%40hs-heilbronn.de%3E -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Updated] (GERONIMO-6793) Do not auto-enable all available Cyphers in TLS/SSL protocol handling in MailConnection
[ https://issues.apache.org/jira/browse/GERONIMO-6793?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Richard Zowalla updated GERONIMO-6793: -- Flags: Patch Patch Info: Patch Available > Do not auto-enable all available Cyphers in TLS/SSL protocol handling in > MailConnection > --- > > Key: GERONIMO-6793 > URL: https://issues.apache.org/jira/browse/GERONIMO-6793 > Project: Geronimo > Issue Type: Improvement > Security Level: public(Regular issues) > Components: mail >Reporter: Richard Zowalla >Priority: Major > Attachments: GERONIMO-6793.diff > > > Check and discuss, if it is a good idea to enable all cyphers in TLS/SSL > protocol handling in MailConnection.java > Some cyphers are deprecated for good reasons and shouldn't be used. > This enhancement might possibily include > * Allow users to specifiy cyphers via properties (custom factory is already > possible) > * If we have no user defined cyphers available, fallback to the JVMs default > cyphers. > > This is a follow up issue raised from the discussion on the dev mailing list, > see > http://mail-archives.apache.org/mod_mbox/geronimo-dev/202012.mbox/%3C096fbb867eda8e090eddf80fbd81cf787ac87945.camel%40hs-heilbronn.de%3E -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Updated] (GERONIMO-6793) Do not auto-enable all available Cyphers in TLS/SSL protocol handling in MailConnection
[ https://issues.apache.org/jira/browse/GERONIMO-6793?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Richard Zowalla updated GERONIMO-6793: -- Attachment: GERONIMO-6793.diff > Do not auto-enable all available Cyphers in TLS/SSL protocol handling in > MailConnection > --- > > Key: GERONIMO-6793 > URL: https://issues.apache.org/jira/browse/GERONIMO-6793 > Project: Geronimo > Issue Type: Improvement > Security Level: public(Regular issues) > Components: mail >Reporter: Richard Zowalla >Priority: Major > Attachments: GERONIMO-6793.diff > > > Check and discuss, if it is a good idea to enable all cyphers in TLS/SSL > protocol handling in MailConnection.java > Some cyphers are deprecated for good reasons and shouldn't be used. > This enhancement might possibily include > * Allow users to specifiy cyphers via properties (custom factory is already > possible) > * If we have no user defined cyphers available, fallback to the JVMs default > cyphers. > > This is a follow up issue raised from the discussion on the dev mailing list, > see > http://mail-archives.apache.org/mod_mbox/geronimo-dev/202012.mbox/%3C096fbb867eda8e090eddf80fbd81cf787ac87945.camel%40hs-heilbronn.de%3E -- This message was sent by Atlassian Jira (v8.3.4#803005)
