https://issues.apache.org/bugzilla/show_bug.cgi?id=57464
Bug ID: 57464 Summary: Please support for TLS Fallback SCSV Product: Tomcat 7 Version: unspecified Hardware: All OS: All Status: NEW Severity: normal Priority: P2 Component: Connectors Assignee: dev@tomcat.apache.org Reporter: hau...@acm.org https://tools.ietf.org/html/draft-ietf-tls-downgrade-scsv https://www.ssllabs.com/ssltest/analyze.html?d=issues.apache.org complains about "Downgrade attack prevention No, TLS_FALLBACK_SCSV not supported (more info)", but Mark expressed reluctance to do so as per http://mail-archives.apache.org/mod_mbox/tomcat-users/201412.mbox/%3c547ed9dd.2090...@apache.org%3E On the other hand - it wouldn't really hurt to support it? Or is ssllabs with its warning "off the map"? -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org