[Bug 55537] New: add support for TLS1.1 and TLS1.2 excluding TLS1.0 (BEAST attack)

bugzilla Sun, 08 Sep 2013 15:10:05 -0700

https://issues.apache.org/bugzilla/show_bug.cgi?id=55537


            Bug ID: 55537
           Summary: add support for TLS1.1 and TLS1.2 excluding TLS1.0
                    (BEAST attack)
           Product: Tomcat 7
           Version: unspecified
          Hardware: PC
            Status: NEW
          Severity: normal
          Priority: P2
         Component: Connectors
          Assignee: dev@tomcat.apache.org
          Reporter: hau...@acm.org

see also Bug 53952 for native.

In http://tomcat.apache.org/tomcat-6.0-doc/config/http.html#SSL%20Support, the
"sslProtocol" attribute would have to be String[], i.e. e.g. comma separated
protocol list


currently, TLSv1.2 can be put there, but it doesn't appear to have a limiting
effect on TLSv1.0

http://docs.oracle.com/javase/7/docs/technotes/guides/security/StandardNames.html#SSLContext
 

https://community.qualys.com/blogs/securitylabs/2011/10/17/mitigating-the-beast-attack-on-tls

-- 
You are receiving this mail because:
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 55537] New: add support for TLS1.1 and TLS1.2 excluding TLS1.0 (BEAST attack)

Reply via email to