[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
[
List Home]
|
Re: [jetty-users] Broken pipe after jetty client upgrade
|
Thank you guys for all the inputs.
In the end, we decided to apply the same exclusions from version 9.1.1
to the new version 9.3.8. That way we won't break existent customers.
Regards,
Douglas
On Sun, Apr 10, 2016 at 7:24 PM, Carey Evans <carey@xxxxxxxxxxxxx> wrote:
> On Sun, 10 Apr 2016, at 03:22, Silvio Bierman wrote:
>
> I am all for being aggressive on excluding weak ciphers/protocols but having
> something to offer the reference browsers on Qualys SSL-Labs is a must for
> us (customer demand an thus in our SLA).
>
>
>
> I wonder if it would be possible for Jetty to provide some kind of
> convenience methods to configure Modern, Intermediate or Old configurations,
> as per https://wiki.mozilla.org/Security/Server_Side_TLS and
> https://statics.tls.security.mozilla.org/server-side-tls-conf-4.0.json? Then
> rather than having copied-and-pasted settings floating around forever, each
> of these could still be kept up to date, with more insistent warnings the
> less secure they got.
>
> --
> Carey Evans
> carey@xxxxxxxxxxxxx
>
>
>
> _______________________________________________
> jetty-users mailing list
> jetty-users@xxxxxxxxxxx
> To change your delivery options, retrieve your password, or unsubscribe from
> this list, visit
> https://dev.eclipse.org/mailman/listinfo/jetty-users
