You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@geronimo.apache.org by "Francois Papon (Jira)" <ji...@apache.org> on 2021/08/31 06:52:00 UTC
[jira] [Assigned] (GERONIMO-6793) Do not auto-enable all available
Cyphers in TLS/SSL protocol handling in MailConnection
[ https://issues.apache.org/jira/browse/GERONIMO-6793?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Francois Papon reassigned GERONIMO-6793:
----------------------------------------
Assignee: Francois Papon
> Do not auto-enable all available Cyphers in TLS/SSL protocol handling in MailConnection
> ---------------------------------------------------------------------------------------
>
> Key: GERONIMO-6793
> URL: https://issues.apache.org/jira/browse/GERONIMO-6793
> Project: Geronimo
> Issue Type: Improvement
> Security Level: public(Regular issues)
> Components: mail
> Reporter: Richard Zowalla
> Assignee: Francois Papon
> Priority: Major
> Fix For: Javamail_1.6_1.0.1
>
> Attachments: GERONIMO-6793.diff
>
>
> Check and discuss, if it is a good idea to enable all cyphers in TLS/SSL protocol handling in MailConnection.java
> Some cyphers are deprecated for good reasons and shouldn't be used.
> This enhancement might possibily include
> * Allow users to specifiy cyphers via properties (custom factory is already possible)
> * If we have no user defined cyphers available, fallback to the JVMs default cyphers.
>
> This is a follow up issue raised from the discussion on the dev mailing list, see http://mail-archives.apache.org/mod_mbox/geronimo-dev/202012.mbox/%3C096fbb867eda8e090eddf80fbd81cf787ac87945.camel%40hs-heilbronn.de%3E
--
This message was sent by Atlassian Jira
(v8.3.4#803005)