2009/11/7 Mark Thomas <ma...@apache.org>: > > We also need to think about what to do with tc native. Maybe something like:
I think that we can - recommend recompiling 1.1.16 with OpenSSL 0.9.8l for those who used our sources - for those architectures where binaries are available for 1.1.16 (windows 32/64-bit), rebuild them using OpenSSL 0.9.8l My understanding is that 1.1.17 and later require TC 6.0.21 and 5.5.29 and later and vice versa, because of some API changes, and thus won't be useful until those versions are released. > - release 1.1.17 with binaries built with 0.9.8l (so renegotiation is > disabled) +1 > - keep an eye on httpd and if they find a work-around, copy it and > release 1.1.18 with renegotiation enabled > +1 > For now, I'm not proposing any changes to the docs although we may want > to put a summary of the advice - once agreed - on the security pages. > > Thoughts? > > Mark > Best regards, Konstantin Kolinko --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
