On Fri, 25 Mar 2016 16:50, Eero Volotinen wrote:
Stop paranoia? Tlsv1.0 is not recommended when storing credit card data. Eero Hi List, Does anyone know why the above URL is still using TLS V1.0. I can't connect to it unless I enable TLS V1.0 which I was under the impression that it should not be used anymore. Thanks for any enlightenment. Steve
@Eero: IMHO you are missing some points here. There are more and more browsers that are unable to use SSL{2,3} as well as TLS1.0, not just disabled via config, but this decission was made at compile time. Newer Android and Apple-iOS devices for example. And the point is not that the site supports TLS1.0, but that it does not support TLS1.1 and/or TLS 1.2, and as such is incassessible to devices that ask for TLS1.1 as minimum for HTTPS. But that is for the admins/webmasters of the servers to resolve. - Yamaban _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx https://lists.centos.org/mailman/listinfo/centos