Re: MD5 removing?

2018-02-16 Thread Jacques Le Roux
Perfect, thanks Paul! Jacques Le 16/02/2018 à 00:39, Paul Foxworthy a écrit : Thanks Jacques. I bet it is the OpenSSL syntax which is documented here: https://www.openssl.org/docs/man1.0.2/apps/ciphers.html . Cheers Paul Foxworthy On 16 February 2018 at 01:43, Jacques Le Roux

Re: MD5 removing?

2018-02-15 Thread Paul Foxworthy
Thanks Jacques. I bet it is the OpenSSL syntax which is documented here: https://www.openssl.org/docs/man1.0.2/apps/ciphers.html . Cheers Paul Foxworthy On 16 February 2018 at 01:43, Jacques Le Roux wrote: > Done with OFBIZ-10223 > > Jacques > > > > Le

Re: MD5 removing?

2018-02-15 Thread Jacques Le Roux
Done with OFBIZ-10223 Jacques Le 15/02/2018 à 15:32, Jacques Le Roux a écrit : Thanks Paul, It did not occur to me that the ! in MD5 was to prevent the use of MD5 :) I must say that the syntax is not explained in Tomcat doc (or at least I could not find it, even Googling everywhere)

Re: MD5 removing?

2018-02-15 Thread Jacques Le Roux
Thanks Paul, It did not occur to me that the ! in MD5 was to prevent the use of MD5 :) I must say that the syntax is not explained in Tomcat doc (or at least I could not find it, even Googling everywhere) Anyway I tried

Re: MD5 removing?

2018-02-13 Thread Paul Foxworthy
Hi Jacques, Doesn't the !MD5 mean Tomcat and OFBiz's default configuration is to *not* allow MD5 even if a client requests it? So I think we're OK already. Is it possible for us to leave out the ciphers property from OFBiz altogether, so Tomcat's default rules would come into play, and as they

MD5 removing?

2018-02-13 Thread Jacques Le Roux
Hi, Following a recent "distribution policy : make .md5 optional" thread at us...@infra.apache.org and looking at https://en.wikipedia.org/wiki/MD5 "Although MD5 was initially designed to be used as a cryptographic hash function , it