[cryptography] no, don't advertise that you support SSLv2!
ag4ve.us at gmail.com
Tue Aug 4 04:20:37 EDT 2015
Yahoo has always had lax security (weak spam filters, no bad pass lock, no
attachment virus scan). But as a news site (as long as their reporters get
to have better security), they don't do bad.
On Aug 3, 2015 10:03 PM, "Patrick Pelletier" <code at funwithsoftware.org>
> I was on an e-commerce site today, and was horrified when I saw the
> following badge:
> Did they still have SSLv2 enabled? I checked, and luckily they don't:
> So, it's not as bad as their badge claims, but still, they only get a C.
> (They support only one version: TLS 1.0.) I would've thought a big Web
> property like Yahoo could do better. :(
> cryptography mailing list
> cryptography at randombit.net
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the cryptography