On 29/11/2018 18:25, Christopher Schultz wrote: > Jean-Frederic, > > On 11/29/18 12:18, jean-frederic clere wrote: >> On 29/11/2018 18:13, Christopher Schultz wrote: >>> Jean-Frederic, >>> >>> On 11/29/18 08:06, jfcl...@apache.org wrote: >>>> Author: jfclere Date: Thu Nov 29 13:06:21 2018 New Revision: >>>> 1847714 >>> >>>> URL: http://svn.apache.org/viewvc?rev=1847714&view=rev Log: >>>> Allow to compile with --enable-insecure-export-ciphers >>> >>> **WHY**?! > >> http://svn.apache.org/viewvc/tomcat/native/trunk/native/src/sslconf.c? > view=markup&pathrev=1847714#l252 > >> that can't compile otherwise. > > Oh, I know the "technical" answer, but why should we ever allow > --enable-insecure-export-ciphers? > > Are there a lot of people who want to use the TLS_RSA_ROT13_MD5 cipher > suite?
To test the broken TLS-1.0 in my case :D, customers using broken, unsafe browser or clients... -- Cheers Jean-Frederic --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
