-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Rahul,
On 3/27/15 10:42 PM, Rahul Kumar Singh wrote: > Ok I understand, Is it mentioned somewhere in tomcat spec. That it > is not being used in JSSE connector. > > Based on the above answer my next question: If any browser is > affected with this CVE , then what happen, e.g IE-11. If user tries > to open the web application from IE-11 , then what happen. If the server does not support TLS or SPDY compression, then it doesn't matter what problems the client has. I'm not sure if there's a way to disable SPDY compression, since it's built-into the SPDY protocol. - -chris > ________________________________________ From: Ognjen Blagojevic > [ognjen.d.blagoje...@gmail.com] Sent: Friday, March 27, 2015 8:34 > PM To: Tomcat Users List Subject: Re: SSL / TLS compression | SPDY > service|CVE-2012-4929 > > Rahul, > > On 27.3.2015 14:42, Rahul Kumar Singh wrote: >> So how to disable compression and / or the SPDY service in >> tomcat6. > > If you are using JSSE connectors (BIO/NIO/NIO2), compression is > already disabled because JSSE does not support it, and there is no > support for SPDY protocol on those connectors. > > If you are using APR/Native connector, if you didn't explicitly > enabled it, SPDY is disabled by default. You may disable TLS > compression using APR/Native connector parameter > SSLDisableCompression="true". > > -Ognjen > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > > > > > DISCLAIMER: > ---------------------------------------------------------------------- - ------------------------------------------------- > > The contents of this e-mail and any attachment(s) are confidential and > intended for the named recipient(s) only. It shall not attach any > liability on the originator or NEC or its affiliates. Any views or > opinions presented in this email are solely those of the author and > may not necessarily reflect the opinions of NEC or its affiliates. > Any form of reproduction, dissemination, copying, disclosure, > modification, distribution and / or publication of this message > without the prior written consent of the author of this e-mail is > strictly prohibited. If you have received this email in error > please delete it and notify the sender immediately. . > ---------------------------------------------------------------------- - ------------------------------------------------- > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJVFqWfAAoJEBzwKT+lPKRYj/AP+QHr0m5jgXin9ronjz4vYVTW SrjNMmIfa5wB5CZJzumUd4w2f0iRxgfPT02r/bVCXICo9xKouCGrnmga+EACZaWO n/d06kn2tGAOHqL7uXd4h4bJBtXfwa6Hxj9zXqnEwMpQ7sz73lOi/l0Y0rHp39vO Htt69ymNhzJvoQ2Gbgk0a/pmcnv7SIF8i8UA8xWV3c6XAa0vg7gFrH8m7EwdXCqe jfqOHw8olx35V88rREnbGVjiwJJTf3lzAqgxXCRT15WxYyiPb2sdtn9f/oj773aa xtGKXbCekJSOAt4ukHfWiKe1K9JiXGmKtd1mVcMNYvGkjIvns/e2IiBhNsM+R2Rc t4m/ueWLeLHRpYi7khYSipIa55ghrijfHxGKFdNYGWioEgvtEP2dBS+P9KIeEvjY qKdPGyhZch0QuJBKcRdyIhfCHb8ZcLjAFJK8VX4D7uiWaaWI8Nao5oEcA+45owkX scPUKe7BOvgkGqdoOqpClzWa430SycGZPdJWwK5yjosgTIUPx2tb99cizu9jX/7b YtImcQ7lOg6Qh3BtAwyftvmw2mwGVruoa/LL0no4cR5BmN3RnuyahbIuZ/dL3d0y NEsRbny5pRjDyI7TnO3DsX9MjxICRFOImSDpUJNLv5PGlFm+rz7z8NU5HHfxRGbU zU2RT/2M2hfUy3HUkW50 =NejE -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
