[Bug 54690] HTTPS BIO/NIO connector does not enable TLS 1.1 and TLS 1.2 by default

2013-03-20 Thread bugzilla
https://issues.apache.org/bugzilla/show_bug.cgi?id=54690 --- Comment #11 from Tim Whittington --- Created attachment 30090 --> https://issues.apache.org/bugzilla/attachment.cgi?id=30090&action=edit JSSE options on AIX Java 7 -- You are receiving this mail because: You are the assignee for the

[Bug 54690] HTTPS BIO/NIO connector does not enable TLS 1.1 and TLS 1.2 by default

2013-03-20 Thread bugzilla
https://issues.apache.org/bugzilla/show_bug.cgi?id=54690 --- Comment #10 from Tim Whittington --- Created attachment 30089 --> https://issues.apache.org/bugzilla/attachment.cgi?id=30089&action=edit JSSE options on Oracle Java 6 -- You are receiving this mail because: You are the assignee for

[Bug 54690] HTTPS BIO/NIO connector does not enable TLS 1.1 and TLS 1.2 by default

2013-03-20 Thread bugzilla
https://issues.apache.org/bugzilla/show_bug.cgi?id=54690 --- Comment #9 from Tim Whittington --- Created attachment 30088 --> https://issues.apache.org/bugzilla/attachment.cgi?id=30088&action=edit JSSE options on Oracle Java 7 -- You are receiving this mail because: You are the assignee for t

[Bug 54690] HTTPS BIO/NIO connector does not enable TLS 1.1 and TLS 1.2 by default

2013-03-20 Thread bugzilla
https://issues.apache.org/bugzilla/show_bug.cgi?id=54690 --- Comment #8 from Tim Whittington --- For posterity, the actual situation with JSSE is a bit more complicated than client vs server. (The fix and workaround for this issue are correct - this is just to clarify the landscape in case it's e

[Bug 54690] HTTPS BIO/NIO connector does not enable TLS 1.1 and TLS 1.2 by default

2013-03-14 Thread bugzilla
https://issues.apache.org/bugzilla/show_bug.cgi?id=54690 Ognjen Blagojevic changed: What|Removed |Added Status|RESOLVED|CLOSED --- Comment #7 from Ogn

[Bug 54690] HTTPS BIO/NIO connector does not enable TLS 1.1 and TLS 1.2 by default

2013-03-14 Thread bugzilla
https://issues.apache.org/bugzilla/show_bug.cgi?id=54690 Mark Thomas changed: What|Removed |Added Status|NEW |RESOLVED Resolution|---

[Bug 54690] HTTPS BIO/NIO connector does not enable TLS 1.1 and TLS 1.2 by default

2013-03-14 Thread bugzilla
https://issues.apache.org/bugzilla/show_bug.cgi?id=54690 --- Comment #5 from Mark Thomas --- Digging into the OpenJDK source code it appears that the JVM behaviour is by design. The defaults are different for client and server connections and SSLContext.getDefaultSSLParameters() returns the defa

[Bug 54690] HTTPS BIO/NIO connector does not enable TLS 1.1 and TLS 1.2 by default

2013-03-14 Thread bugzilla
https://issues.apache.org/bugzilla/show_bug.cgi?id=54690 Mark Thomas changed: What|Removed |Added CC||f...@fasihi.net --- Comment #4 from

[Bug 54690] HTTPS BIO/NIO connector does not enable TLS 1.1 and TLS 1.2 by default

2013-03-13 Thread bugzilla
https://issues.apache.org/bugzilla/show_bug.cgi?id=54690 --- Comment #3 from Mark Thomas --- Some issues at $work have prompted me to look into this further. Fundamentally, this is a JVM bug. I think the way forward is to use socket.getEnabledProtocols() to determine what the default protocols

[Bug 54690] HTTPS BIO/NIO connector does not enable TLS 1.1 and TLS 1.2 by default

2013-03-13 Thread bugzilla
https://issues.apache.org/bugzilla/show_bug.cgi?id=54690 --- Comment #2 from Mark Thomas --- Note hidden in the code comments is the fact that support for SSLv2Hello is also dropped. Note that the change that triggered this bug was 54406. -- You are receiving this mail because: You are the ass

[Bug 54690] HTTPS BIO/NIO connector does not enable TLS 1.1 and TLS 1.2 by default

2013-03-13 Thread bugzilla
https://issues.apache.org/bugzilla/show_bug.cgi?id=54690 --- Comment #1 from Ognjen Blagojevic --- Here is a simple class to demonstrate Oracle JDK 7 behavior: import java.net.ServerSocket; import java.util.Arrays; import javax.net.ssl.SSLContext; import javax.net.ssl.SSLServerSocket; import ja