https://issues.apache.org/bugzilla/show_bug.cgi?id=57006
xinshouke <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |REOPENED CC| |[email protected] Resolution|INVALID |--- --- Comment #6 from xinshouke <[email protected]> --- According to the reading source code and doc in the Tomcat web site,I found the attribute 'allowUnsafeLegacyRenegotiation' with set false as default, I suspect when I needn't set anythings for the attribute in the tomcat server.xml to avoid The SSL Renegotation Attack thr SSL,should I? (In reply to Mark Thomas from comment #5) > I still don't see anything in this report that describes unexpected, > undesirable or insecure behavior. Again, please user the users mailing list. -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
