Let me think about that option.
Karl
On Wed, Jan 15, 2020 at 5:38 PM Jörn Franke wrote:
> We could make it configurable, e.g. in properties.xml. Here people could
> set it to SSL, TLS, TLSv1.2 (to restrict it to TLS1.2 => some companies may
> want that!). Is this a viable option? That would
We could make it configurable, e.g. in properties.xml. Here people could
set it to SSL, TLS, TLSv1.2 (to restrict it to TLS1.2 => some companies may
want that!). Is this a viable option? That would be also future proof. We
can leave it by default to SSL, but we should put in the example config
It's rather immaterial what browsers do here. What's important is what
*existing servers* support, since that is what we're connecting with.
I tend to agree that *most* people have probably upgraded to web servers
that support TLS. But we can't guarantee it, nor can we assume that people
have
Hi Karl,
No it does not. I can look into that further, but Current browsers stop
supporting anything below TLSv1.2 in March 2020.
Then TLS exists since more than ten years. I expect any server running nowadays
will always have tls support.
SSL itself is not supported since some time now. From a
Hi,
Mcf currently requires jdk8. Jdk11 is non trivial to support because of
the removal of many jdk classes connectors need. It will be ported at some
point but not lightly.
Similarly, disabling SSL would certainly break many installations upon
upgrade and we do not do that lightly.
The core
