On 23 May 2015 17:03:21 BST, Rainer Jung <rainer.j...@kippdata.de> wrote: >mod_ssl dropped support for EXPORT ciphers in Apache 2.4 some time ago >and will also drop it in Apache 2.2 in the sonn to be released next >version. > >I applied a similar change to tcnative trunk and would also like to >apply it to 1.1. > >Note that "drop support" would mean you can no longer enable export >ciphers. Even if you do they will simply not get advertised to the >client because the code filters them out. This is not just a question >of >defaults but whether export ciphers should be available or not. > >The change in question is > > http://svn.apache.org/r1681147 > >In the light of the downgrade attacks that were invented I have a >tendency to drop support completely. Other opinions? > >Regards, > >Rainer > >--------------------------------------------------------------------- >To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org >For additional commands, e-mail: dev-h...@tomcat.apache.org
+1. >From a purely personal perspective I suspect this change will cause me more >work when I want to enable export ciphers for testing. I'll cope. For end users I can't see any reason to ever enable these so happy from them to go. Mark
