Dear Wiki user, You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change notification.
The "Security/Ciphers" page has been changed by markt: https://wiki.apache.org/tomcat/Security/Ciphers?action=diff&rev1=18&rev2=19 Comment: Add results for Tomcat 6 and APR/native == APR with OpenSSL Results (Default) == || || Java 5 || Java 6 || Java 7 || Java 8 || - || Tomcat 6 || TBD || TBD || TBD || TBD || + || Tomcat 6 || A || A || A || A || || Tomcat 7 || N/A || A || A || A || || Tomcat 8 || N/A || N/A || A || A || || Tomcat 8.5 || N/A || N/A || A || A || || Tomcat 9 || N/A || N/A || N/A || A || The OpenSSL cipher configuration used was '''HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!kRSA'''. Up-to-date selection of secure cipher suites in OpenSSL format is available at [[https://wiki.mozilla.org/Security/Server_Side_TLS|Mozilla wiki]]. - - - == JSSE (BIO/NIO/NIO2) Results (Improved) == - - || || Java 5 || Java 6 || Java 7 || Java 8 || - || Tomcat 6 || B || B || A- || A || - - == JSSE Settings for Improved Results == - - To use these settings: - - 1. Pass JVM parameter '''-Djdk.tls.ephemeralDHKeySize=2048''' to JVM running Tomcat. - - 1. Set the ciphers attribute on your secure connector to the list of ciphers shown below. The list should be comma separated. - - * Java 5 - * TLS_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA - * Java 6 - * TLS_RSA_WITH_AES_128_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA - * Java 7 - * TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA - * Java 8 - * TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA == Environment == @@ -79, +56 @@ * Java 6, 64-bit, update 45 * Java 7, 64-bit, update 80 * Java 8, 64-bit, update 77 - * Apache Tomcat 6.0.44-dev, r1664561. This is after the commit that disabled SSLv2 and SSLv3. 
+ * Apache Tomcat 6.0.46-dev, r1737284. * Apache Tomcat 7.0.69-dev, r1737253. * Apache Tomcat 8.0.34-dev, r1737224. * Apache Tomcat 8.5.1-dev, r1737241.
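Review bot: In the first hunk, the removal of the "JSSE (BIO/NIO/NIO2) Results (Improved)" table and the "JSSE Settings for Improved Results" list is not covered by the change comment, which only says "Add results for Tomcat 6 and APR/native". Those removed lines are the only place in this diff that gives the -Djdk.tls.ephemeralDHKeySize=2048 parameter and the per-Java-version ciphers lists behind the Tomcat 6 JSSE grades of B, B, A- and A. Either state in the comment why they are dropped, or keep a pointer for readers who still run Tomcat 6 on JSSE with Java 5 or Java 6.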
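Review bot: In the Environment hunk (@@ -79, +56 @@), the replaced Tomcat 6 line drops the remark "This is after the commit that disabled SSLv2 and SSLv3." without a replacement. The new entry for 6.0.46-dev, r1737284 would be clearer with a short statement of which protocols that build has disabled, because the Tomcat 6 grades added in the first hunk depend on it. The visible entries also list only Java and Tomcat builds; since the APR results depend on the OpenSSL and Tomcat Native versions, list those here if they are not already given above the shown context.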