You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@tomcat.apache.org by Felix Schumacher <fe...@internetallee.de> on 2016/03/14 20:05:22 UTC

Default for honorCipherOrder in tomcat 8.5

Hi,

what should be the default value for honorCipherOrder?

It has to be false, when run on java 7. But it could be set to true, if 
java 8 was detected. This might be a bit confusing, so what do you think?

Regards,
  Felix

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org

Re: Default for honorCipherOrder in tomcat 8.5

Posted by Mark Thomas <ma...@apache.org>.

On 14/03/2016 19:05, Felix Schumacher wrote:
> Hi,
> 
> what should be the default value for honorCipherOrder?
> 
> It has to be false, when run on java 7. But it could be set to true, if
> java 8 was detected. This might be a bit confusing, so what do you think?

I'm wondering whether it shouldn't always be false by default. It is
probably worth doing some testing with ssllabs to see how good our
current defaults are.

Mark


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org