On 03/12/2014 06:24, Manas Ranjan Behera03 wrote: > Dear Team, > > The tomcat version is apache-tomcat-7.0.11 in Windows 32 bit OS.
Then you have bigger problems than SSLv3: http://tomcat.apache.org/security-7.html > Please suggest us configuration for disabling SSLv3 https://wiki.apache.org/tomcat/Security/POODLE > and support for TLS Fallback SCSV > <https://tools.ietf.org/html/draft-ietf-tls-downgrade-scsv> for > legacy clients(example - IE6 users where there is no TLS protocol). This is not supported by Java so it is not supported by Tomcat. Even if it were supported by Java, I see little point in providing support for clients that are themselves no longer supported and are likely to have their own vulnerabilities. Mark --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
