Le 28/10/14 15:53, Archer, Garry a écrit : > Hello All, > > FYI, if you have not seen this news (dated October 22, 2014): > > http://www.cnet.com/news/apple-dumps-ssl-3-0-for-push-notifications-due-to-poodle-flaw/ > > Basically, everyone is moving away from SSL and fully adopting TLS. Perhaps > this affects your projects? > > Apple are moving away from SSL to TLS as of October 29th (I assume this means > including 'Safari' too). > > Firefox and Google are making plans to make the necessary changes to their > Web browsers. "Mozilla plans to disable SSL 3.0 in Firefox 34, the next > version of the open-source browser." University of Michigan researchers have > a method to disable SSL in Internet Explorer. Hi,
anyone using MINA can define the version of SSL/TLS he/she want to use. The default is TLS (ie, it will use the most recent TLS protocol defined by the JDK in use, so TLS 1.0 for JDK6 and JDK7 (although in JDK 7 you can force the use of TLS 1.1 and TLS 1.2) and TLS 1.2 for JDK8. In any case, it's up to the user to define the algorithm to use when implementing a secure client or server, through the creation of a SslContext - which is not done by MINA -
