All,For Tomcat 10 (only), I propose we change the default SSLHostConfig protocols attribute from the current "SSLv2Hello, TLSv1, TLSv1.1, TLSv1.2, TLSv1.3" to SSLv2Hello, TLSv1.2, TLSv1.3".
(That is, remove TLSv1 and TLSv1.1 from the default list.) Any objections? -chris --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
