tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mark Thomas <ma...@apache.org>
Subject Re: svn commit: r834477 - in /tomcat/trunk: java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java test/org/apache/catalina/startup/TestTomcatSSL.java
Date Tue, 10 Nov 2009 15:02:08 GMT
Rainer Jung wrote:
>> +            enableMitmVulnerability =
>> +                "true".equals(attributes.get("enableMitmVulnerability"));
>> +            
>>              // Check the SSL config is OK
>>              checkConfig();
> 
> Isn't the naming a bit harsh? OpenSSl names it legacy renegotiation (to
> make it differ from the future renegotiation with TLS extension). So
> maybe enableLegacyRenegotiation would be better? Of course it wouldn't
> keep people from activating as much as the proposed name does, but on
> the other hand (unfortunately) there are valid use cases to activate it.

I'm happy with changing the name to be consistent with OpenSSL. More
consistency == less confusion which I think is a good thing.

I'm still doing testing but so far it looks good. If any one is able to
do their own testing please do so. The more eyes on this the better.

Mark



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org


Mime
View raw message