You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@tomcat.apache.org by Christopher Schultz <ch...@christopherschultz.net> on 2022/02/28 16:12:10 UTC

[PROPOSAL] Change default TLS protocol from "all" to "TLSv1.2,TLSv1.3" in Tomcat 10.1

All,

As the subject says.

Or, perhaps, redefine "all" to be "TLSv1.2,TLSv1.3" similarly to what we 
did in the past when removing SSLv3 from the definition of "all".

I think this should be done with Tomcat 10.1 (relatively new) to set a 
precedent moving forward, but not 8.5 or 9.0 to avoid disrupting 
production deployments.

-chris

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org

Re: [PROPOSAL] Change default TLS protocol from "all" to "TLSv1.2,TLSv1.3" in Tomcat 10.1

Posted by Igal Sapir <ig...@lucee.org>.

On Mon, Feb 28, 2022 at 8:12 AM Christopher Schultz <
chris@christopherschultz.net> wrote:

> All,
>
> As the subject says.
>
> Or, perhaps, redefine "all" to be "TLSv1.2,TLSv1.3" similarly to what we
> did in the past when removing SSLv3 from the definition of "all".
>
> I think this should be done with Tomcat 10.1 (relatively new) to set a
> precedent moving forward, but not 8.5 or 9.0 to avoid disrupting
> production deployments.
>

+1

Igal



>
> -chris
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: dev-help@tomcat.apache.org
>
>