Author: markt Date: Mon Aug 11 13:57:16 2008 New Revision: 684922 URL: http://svn.apache.org/viewvc?rev=684922&view=rev Log: Correct SSL docs as to the list of ciphers used by default. Add note about export grade ciphers. Add note (already in TC4) about cipher naming.
Modified: tomcat/container/branches/tc4.1.x/webapps/tomcat-docs/config/http11.xml tomcat/container/branches/tc4.1.x/webapps/tomcat-docs/ssl-howto.xml tomcat/container/tc5.5.x/webapps/docs/config/http.xml tomcat/container/tc5.5.x/webapps/docs/ssl-howto.xml tomcat/tc6.0.x/trunk/webapps/docs/config/http.xml tomcat/tc6.0.x/trunk/webapps/docs/ssl-howto.xml tomcat/trunk/webapps/docs/config/http.xml tomcat/trunk/webapps/docs/ssl-howto.xml Modified: tomcat/container/branches/tc4.1.x/webapps/tomcat-docs/config/http11.xml URL: http://svn.apache.org/viewvc/tomcat/container/branches/tc4.1.x/webapps/tomcat-docs/config/http11.xml?rev=684922&r1=684921&r2=684922&view=diff ============================================================================== --- tomcat/container/branches/tc4.1.x/webapps/tomcat-docs/config/http11.xml (original) +++ tomcat/container/branches/tc4.1.x/webapps/tomcat-docs/config/http11.xml Mon Aug 11 13:57:16 2008 @@ -278,6 +278,14 @@ specified, the default value is <code>SunX509</code>.</p> </attribute> + <attribute name="ciphers" required="false"> + <p>The comma separated list of encryption ciphers that this socket is + allowed to use. By default, the default ciphers for the JVM will be used. + Note that this usually means that the weak export grade ciphers will be + included in the list of available ciphers. The ciphers are specified + using the JSSE cipher naming convention.</p> + </attribute> + <attribute name="className" required="true"> <p>The fully qualified class name of the SSL server socket factory implementation class. You must specify Modified: tomcat/container/branches/tc4.1.x/webapps/tomcat-docs/ssl-howto.xml URL: http://svn.apache.org/viewvc/tomcat/container/branches/tc4.1.x/webapps/tomcat-docs/ssl-howto.xml?rev=684922&r1=684921&r2=684922&view=diff ============================================================================== --- tomcat/container/branches/tc4.1.x/webapps/tomcat-docs/ssl-howto.xml (original) +++ tomcat/container/branches/tc4.1.x/webapps/tomcat-docs/ssl-howto.xml Mon Aug 11 13:57:16 2008 @@ -319,10 +319,13 @@ </tr> <tr> <td><code>ciphers</code></td> - <td>A comma seperated list of the encryption ciphers that may be used. - If not specified, then any available cipher may be used. The ciphers - are specified using the JSSE cipher naming convention.</td> + <td>The comma separated list of encryption ciphers that this socket is + allowed to use. By default, the default ciphers for the JVM will be + used. Note that this usually means that the weak export grade ciphers + will be included in the list of available ciphers. The ciphers are + specified using the JSSE cipher naming convention.</td> </tr> + <tr> <td><code>clientAuth</code></td> <td>Set this value to <code>true</code> if you want Tomcat to require Modified: tomcat/container/tc5.5.x/webapps/docs/config/http.xml URL: http://svn.apache.org/viewvc/tomcat/container/tc5.5.x/webapps/docs/config/http.xml?rev=684922&r1=684921&r2=684922&view=diff ============================================================================== --- tomcat/container/tc5.5.x/webapps/docs/config/http.xml (original) +++ tomcat/container/tc5.5.x/webapps/docs/config/http.xml Mon Aug 11 13:57:16 2008 @@ -467,8 +467,11 @@ </attribute> <attribute name="ciphers" required="false"> - <p>A comma seperated list of the encryption ciphers that may be used. - If not specified, then any available cipher may be used.</p> + <p>The comma separated list of encryption ciphers that this socket is + allowed to use. By default, the default ciphers for the JVM will be used. + Note that this usually means that the weak export grade ciphers will be + included in the list of available ciphers. The ciphers are specified using + the JSSE cipher naming convention.</p> </attribute> <attribute name="keyAlias" required="false"> Modified: tomcat/container/tc5.5.x/webapps/docs/ssl-howto.xml URL: http://svn.apache.org/viewvc/tomcat/container/tc5.5.x/webapps/docs/ssl-howto.xml?rev=684922&r1=684921&r2=684922&view=diff ============================================================================== --- tomcat/container/tc5.5.x/webapps/docs/ssl-howto.xml (original) +++ tomcat/container/tc5.5.x/webapps/docs/ssl-howto.xml Mon Aug 11 13:57:16 2008 @@ -401,7 +401,10 @@ <tr> <td><code>ciphers</code></td> <td>The comma separated list of encryption ciphers that this socket is - allowed to use. By default, any available cipher is allowed.</td> + allowed to use. By default, the default ciphers for the JVM will be + used. Note that this usually means that the weak export grade ciphers + will be included in the list of available ciphers. The ciphers are + specified using the JSSE cipher naming convention.</td> </tr> <tr> <td><code>algorithm</code></td> Modified: tomcat/tc6.0.x/trunk/webapps/docs/config/http.xml URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/webapps/docs/config/http.xml?rev=684922&r1=684921&r2=684922&view=diff ============================================================================== --- tomcat/tc6.0.x/trunk/webapps/docs/config/http.xml (original) +++ tomcat/tc6.0.x/trunk/webapps/docs/config/http.xml Mon Aug 11 13:57:16 2008 @@ -685,8 +685,11 @@ </attribute> <attribute name="ciphers" required="false"> - <p>A comma seperated list of the encryption ciphers that may be used. - If not specified, then any available cipher may be used.</p> + <p>The comma separated list of encryption ciphers that this socket is + allowed to use. By default, the default ciphers for the JVM will be used. + Note that this usually means that the weak export grade ciphers will be + included in the list of available ciphers. The ciphers are specified using + the JSSE cipher naming convention.</p> </attribute> <attribute name="keyAlias" required="false"> Modified: tomcat/tc6.0.x/trunk/webapps/docs/ssl-howto.xml URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/webapps/docs/ssl-howto.xml?rev=684922&r1=684921&r2=684922&view=diff ============================================================================== --- tomcat/tc6.0.x/trunk/webapps/docs/ssl-howto.xml (original) +++ tomcat/tc6.0.x/trunk/webapps/docs/ssl-howto.xml Mon Aug 11 13:57:16 2008 @@ -465,7 +465,10 @@ <tr> <td><code>ciphers</code></td> <td>The comma separated list of encryption ciphers that this socket is - allowed to use. By default, any available cipher is allowed.</td> + allowed to use. By default, the default ciphers for the JVM will be + used. Note that this usually means that the weak export grade ciphers + will be included in the list of available ciphers. The ciphers are + specified using the JSSE cipher naming convention.</td> </tr> <tr> <td><code>algorithm</code></td> Modified: tomcat/trunk/webapps/docs/config/http.xml URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/config/http.xml?rev=684922&r1=684921&r2=684922&view=diff ============================================================================== --- tomcat/trunk/webapps/docs/config/http.xml (original) +++ tomcat/trunk/webapps/docs/config/http.xml Mon Aug 11 13:57:16 2008 @@ -685,8 +685,11 @@ </attribute> <attribute name="ciphers" required="false"> - <p>A comma seperated list of the encryption ciphers that may be used. - If not specified, then any available cipher may be used.</p> + <p>The comma separated list of encryption ciphers that this socket is + allowed to use. By default, the default ciphers for the JVM will be used. + Note that this usually means that the weak export grade ciphers will be + included in the list of available ciphers. The ciphers are specified using + the JSSE cipher naming convention.</p> </attribute> <attribute name="keyAlias" required="false"> Modified: tomcat/trunk/webapps/docs/ssl-howto.xml URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/ssl-howto.xml?rev=684922&r1=684921&r2=684922&view=diff ============================================================================== --- tomcat/trunk/webapps/docs/ssl-howto.xml (original) +++ tomcat/trunk/webapps/docs/ssl-howto.xml Mon Aug 11 13:57:16 2008 @@ -465,7 +465,10 @@ <tr> <td><code>ciphers</code></td> <td>The comma separated list of encryption ciphers that this socket is - allowed to use. By default, any available cipher is allowed.</td> + allowed to use. By default, the default ciphers for the JVM will be + used. Note that this usually means that the weak export grade ciphers + will be included in the list of available ciphers. The ciphers are + specified using the JSSE cipher naming convention.</td> </tr> <tr> <td><code>algorithm</code></td> --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]