[
https://issues.apache.org/jira/browse/GERONIMO-6793?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17243834#comment-17243834
]
Romain Manni-Bucau commented on GERONIMO-6793:
----------------------------------------------
IMHO we can't align JVM defaults since they will often be for http clients and
not mails so we must pick some.
So question is: which one to select? If we have time we should probably review
most mail provider to ensure they all work by default and tuning is only needed
for custom company mail servers for example.
What do you think?
> Do not auto-enable all available Cyphers in TLS/SSL protocol handling in
> MailConnection
> ---------------------------------------------------------------------------------------
>
> Key: GERONIMO-6793
> URL: https://issues.apache.org/jira/browse/GERONIMO-6793
> Project: Geronimo
> Issue Type: Improvement
> Security Level: public(Regular issues)
> Components: mail
> Reporter: Richard Zowalla
> Priority: Major
>
> Check and discuss, if it is a good idea to enable all cyphers in TLS/SSL
> protocol handling in MailConnection.java
> Some cyphers are deprecated for good reasons and shouldn't be used.
> This enhancement might possibily include
> * Allow users to specifiy cyphers via properties (custom factory is already
> possible)
> * If we have no user defined cyphers available, fallback to the JVMs default
> cyphers.
>
> This is a follow up issue raised from the discussion on the dev mailing list,
> see
> http://mail-archives.apache.org/mod_mbox/geronimo-dev/202012.mbox/%3C096fbb867eda8e090eddf80fbd81cf787ac87945.camel%40hs-heilbronn.de%3E
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
