All,For Tomcat 10 (only), I propose we change the default SSLHostConfig protocols attribute from the current "SSLv2Hello, TLSv1, TLSv1.1, TLSv1.2, TLSv1.3" to SSLv2Hello, TLSv1.2, TLSv1.3".
(That is, remove TLSv1 and TLSv1.1 from the default list.) Any objections? -chris --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
