If I don't call setCipherPolicy, is the DOMESTIC policy used by default? The javadoc states that this "must be called before creating any SSL Socket". Is that really true?
Also, If I use setCipherPreference to turn of a particular SSL cipher, does this method *need to* be preceded by a call to setCipherPolicy in order for the disabling to take? I believe in NSS, that is the case (i.e., the SSL_CipherPrefSetDefault function should be called after a call to NSS_SetDomesticPolicy) -- POC
