Re: Tomcat config question: 'compression' versus 'SSLDisableCompression'

2013-08-09 Thread Christopher Schultz
Mark, On 8/9/13 12:17 PM, Mark Eggers wrote: > On 8/9/2013 8:10 AM, Mark Thomas wrote: >> On 09/08/2013 15:28, Christopher Schultz wrote: >>> Mark, >>> >>> On 8/9/13 9:14 AM, Mark Thomas wrote: On 09/08/2013 14:50, Christopher Schultz wrote: >

Re: Tomcat config question: 'compression' versus 'SSLDisableCompression'

2013-08-09 Thread Mark Eggers
On 8/9/2013 8:10 AM, Mark Thomas wrote: On 09/08/2013 15:28, Christopher Schultz wrote: Mark, On 8/9/13 9:14 AM, Mark Thomas wrote: On 09/08/2013 14:50, Christopher Schultz wrote: It's too bad it took a researcher a year to figure out that compression of any kind makes encryption (where the

Re: Tomcat config question: 'compression' versus 'SSLDisableCompression'

2013-08-09 Thread Christopher Schultz
Mark, On 8/9/13 11:10 AM, Mark Thomas wrote: > On 09/08/2013 15:28, Christopher Schultz wrote: >> Mark, >> >> On 8/9/13 9:14 AM, Mark Thomas wrote: >>> On 09/08/2013 14:50, Christopher Schultz wrote: >> It's too bad it took a researcher a yea

Re: Tomcat config question: 'compression' versus 'SSLDisableCompression'

2013-08-09 Thread Mark Thomas
On 09/08/2013 15:28, Christopher Schultz wrote: > Mark, > > On 8/9/13 9:14 AM, Mark Thomas wrote: >> On 09/08/2013 14:50, Christopher Schultz wrote: > >>> It's too bad it took a researcher a year to figure out that >>> compression of any kind makes encryption (where the attacker can >>> force ra

Re: Tomcat config question: 'compression' versus 'SSLDisableCompression'

2013-08-09 Thread Christopher Schultz
Mark, On 8/9/13 9:14 AM, Mark Thomas wrote: > On 09/08/2013 14:50, Christopher Schultz wrote: > >> It's too bad it took a researcher a year to figure out that >> compression of any kind makes encryption (where the attacker can >> force random prob

Re: Tomcat config question: 'compression' versus 'SSLDisableCompression'

2013-08-09 Thread Mark Thomas
On 09/08/2013 14:50, Christopher Schultz wrote: > It's too bad it took a researcher a year to figure out that > compression of any kind makes encryption (where the attacker can force > random probing attacks) weak. It's not like SSL+compression and > SSL-compression+compression is that different.

Re: Tomcat config question: 'compression' versus 'SSLDisableCompression'

2013-08-09 Thread Christopher Schultz
Martin, On 8/8/13 8:20 PM, Martin Gainty wrote: > as earlier mentioned > > chrome is the only browser that supports compression on SSL > streams Mozilla Firefox had implemented TLS+compression for SPDY requests, and thus was vulnerable. Since CRIM

Re: Tomcat config question: 'compression' versus 'SSLDisableCompression'

2013-08-09 Thread Christopher Schultz
David, On 8/8/13 5:47 PM, David Landis wrote: > On Thu, Aug 8, 2013 at 5:19 PM, Christopher Schultz < > ch...@christopherschultz.net> wrote: > >> >> ... and the SSLDisableCompression setting (when set to "false") >> is intended to mitigate the CR

RE: Tomcat config question: 'compression' versus 'SSLDisableCompression'

2013-08-08 Thread Martin Gainty
uebernehmen. > Date: Thu, 8 Aug 2013 17:47:36 -0400 > Subject: Re: Tomcat config question: 'compression' versus > 'SSLDisableCompression' > From: dlan...@gmail.com > To: users@tomcat.apache.org > > On Thu, Aug 8, 2013 at 5:19 PM, Christopher Schult

Re: Tomcat config question: 'compression' versus 'SSLDisableCompression'

2013-08-08 Thread David Landis
On Thu, Aug 8, 2013 at 5:19 PM, Christopher Schultz < ch...@christopherschultz.net> wrote: > > ... and the SSLDisableCompression setting (when set to "false") is > intended to mitigate the CRIME attack against SSL/TLS compression. > Feel free to read online all about the CRIME attack. > That was

Re: Tomcat config question: 'compression' versus 'SSLDisableCompression'

2013-08-08 Thread Christopher Schultz
Mark, On 8/8/13 12:45 PM, Mark Thomas wrote: > On 08/08/2013 18:14, David Landis wrote: >> Hi, >> >> I was wondering if someone could clarify the difference between >> the configuration parameters mentioned in the subject of this >> email or point

Re: Tomcat config question: 'compression' versus 'SSLDisableCompression'

2013-08-08 Thread Mark Thomas
On 08/08/2013 18:14, David Landis wrote: > Hi, > > I was wondering if someone could clarify the difference between the > configuration parameters mentioned in the subject of this email or point me > to some documentation that explains it? > > Do they both refer to the same type of compression? N

Re: Tomcat Config Question

2009-12-15 Thread Christopher Schultz
Dick, On 12/15/2009 8:15 AM, steflik wrote: > I'm a little bit hesitant as a number of the students are still struggling > to get their JSP project done. Right now the server is running and the > statements that define where the apps are are right at

Re: Tomcat Config Question

2009-12-15 Thread Pid
lik Binghamton University Caldarale, Charles R wrote: From: steflik [mailto:stef...@binghamton.edu] Subject: Re: Tomcat Config Question Do I just move the statements out of server.xml and into context.xml? It's not - case matters. or is there something else I have to

Re: Tomcat Config Question

2009-12-15 Thread David Smith
s. >> Try it and see. >> >> (The manager & host-manager apps preinstalled in Tomcat also use a >> META-INF directory.) >> >> >> p >> >> >> >>> Dick Steflik >>> Binghamton University >>> >>> >>>

Re: Tomcat Config Question

2009-12-15 Thread steflik
just an exploded/uncompressed > WAR. Putting a META-INF directory inside the app dir still applies. > Try it and see. > > (The manager & host-manager apps preinstalled in Tomcat also use a > META-INF directory.) > > > p > > >> Dick Steflik >> B

Re: Tomcat Config Question

2009-12-15 Thread Pid
META-INF directory.) p Dick Steflik Binghamton University Caldarale, Charles R wrote: From: steflik [mailto:stef...@binghamton.edu] Subject: Re: Tomcat Config Question Do I just move the statements out of server.xml and into context.xml? It's not - case matters. or is there

RE: Tomcat Config Question

2009-12-14 Thread steflik
em to be the appropriate place? Dick Steflik Binghamton University Caldarale, Charles R wrote: > >> From: steflik [mailto:stef...@binghamton.edu] >> Subject: Re: Tomcat Config Question >> >> Do I just move the statements out of server.xml and into >> context.x

RE: Tomcat Config Question

2009-12-14 Thread Caldarale, Charles R
> From: steflik [mailto:stef...@binghamton.edu] > Subject: Re: Tomcat Config Question > > Do I just move the statements out of server.xml and into > context.xml? It's not - case matters. > or is there something else I have to do. Reading the doc would be

Re: Tomcat Config Question

2009-12-14 Thread Pid
On 14/12/2009 18:46, steflik wrote: Markus, Do I just move the statements out of server.xml and into context.xml? or is there something else I have to do. If that's all I have to do, do I place them before or after the watched element tag that is already in the context.xml file? There should be

Re: Tomcat Config Question

2009-12-14 Thread steflik
Markus, Do I just move the statements out of server.xml and into context.xml? or is there something else I have to do. If that's all I have to do, do I place them before or after the watched element tag that is already in the context.xml file? Dick Steflik Markus Schönhaber-10 wrote: > > 09.12

Re: Tomcat Config Question

2009-12-09 Thread Peter Crowther
2009/12/9 steflik > > I'm teaching a Web Programming course and am using Tomcat 6 for the > servlet/jsp portion of the course. I have created a context for each > student > in the server.xml file and it seems to work pretty good but if a student > modifies the web.xml file in their application I

Re: Tomcat Config Question

2009-12-09 Thread Pid
On 09/12/2009 14:52, Neil Aggarwal wrote: The global conf/context.xml file should have a element for WEB-INF/web.xml; Tomcat should automatically restart the webapp unless you've removed that or disabled deployOnStartup in the element. In my experience, Tomcat has problems reloading webapps

RE: Tomcat Config Question

2009-12-09 Thread Neil Aggarwal
> The global conf/context.xml file should have a > element for WEB-INF/web.xml; Tomcat should > automatically restart the webapp unless you've removed that > or disabled deployOnStartup in the element. In my experience, Tomcat has problems reloading webapps on occasion. This may work 80% of

RE: Tomcat Config Question

2009-12-09 Thread Caldarale, Charles R
> From: steflik [mailto:stef...@binghamton.edu] > Subject: Tomcat Config Question > > I have created a context for each student in the server.xml file Don't do that - very strongly discouraged to have any webapp-specific information in server.xml. The elements should be in conf/Catalina/[hos

Re: Tomcat Config Question

2009-12-09 Thread Markus Schönhaber
09.12.2009 15:31, steflik: > I'm teaching a Web Programming course and am using Tomcat 6 for the > servlet/jsp portion of the course. I have created a context for each student > in the server.xml file and it seems to work pretty good but if a student > modifies the web.xml file in their applicatio