tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "James H. H. Lampert" <jam...@touchtonecorp.com>
Subject More, Re: Question about vulnerability report
Date Mon, 08 Aug 2016 16:35:56 GMT
On 7/27/16, 11:59 AM, Mark Thomas wrote:

> ciphers="SSL_RSA_WITH_AES_256_CBC_SHA,SSL_RSA_WITH_AES_128_CBC_SHA"

Ladies and Gentlemen:

Thanks, Mark; that raises the SSLLabs rating from "F" to "C," and seems 
to have dealt with most of the concerns raised by the customer.

Except for one. It seems that whoever is doing the customer's security 
audit is concerned with POODLE vulnerability.

Can this be dealt with in Tomcat 7 under Java 6? If so, how?

--
JHHL

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message