On Tue, Jan 6, 2026 at 11:35 AM Mark Thomas <[email protected]> wrote: > > All, > > Just a quick heads up of where I have got to. > > TLSv1.3 cipher suite configuration is implemented in Tomcat Native and I > think it is close to being ready for tagging. Depending on what else I > find while working on the Tomcat side, it might be ready now. > > I think I have a working TLSv1.3 cipher suite configuration for Tomcat > 12.0.x but I still have some tests to write to confirm that. Supporting > JSSE, OpenSSL and OpenSSL+FFM with different configuration styles > creates a lot of different combinations.
Ok, thanks for the cleanups. > The current TLSv1.3 work along with the OCSP work (both of which need a > successful Native release before I can push changes to 12.0.x) have > identified various bugs / oddities / edge cases. The flurry of commits > this morning was me trying to pull forward fixes where the fixes don't > depend on the TLSv1.3 or OCSP work. There may be a few more of these as > I write a few more tests. > > I'm hoping to get to the point where I'm ready to tag Tomcat Native > later today. > > While the Tomcat Native release votes are running, I plan to work on any > open bugs / PRs / etc. Hopefully, I'll get these all resolved while the > votes are running. > > Once we have a new set of Tomcat Native releases (late this week / early > next), I will update the minimum required version and apply the TLSv1.3 > and OCSP changes to main, 11.0.x, 10.1.x and 9.0.x. Then I'll be ready > to tag Tomcat 11.0.x. So I'm currently expecting the January releases to > be available late next week / early the following week although that > depends on both RM availability and everything else running as expected. Ok, let's try. Rémy > There are quite a few moving parts in all of this so the above plan may > not survive but I expect the broad outline will remain. > > Mark > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] > --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
