https://issues.apache.org/bugzilla/show_bug.cgi?id=53394
--- Comment #2 from Michael Osipov <1983-01...@gmx.net> --- (In reply to comment #1) > This is a Tomcat 6 specific issue which still includes SSLv2 by default. > > The use of SSLv2 and that it is inherently unsafe is clearly indicated in > the documentation for the APR connector. I am aware of the documention but I am absolute sure that most people leave it to the defaults. My naivety lead me to that too. :-( -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
