[cryptography] no, don't advertise that you support SSLv2!
iang at iang.org
Tue Aug 4 07:43:12 EDT 2015
On 4/08/2015 05:29 am, Patrick Pelletier wrote:
> I was on an e-commerce site today, and was horrified when I saw the
> following badge:
> Did they still have SSLv2 enabled? I checked, and luckily they don't:
> So, it's not as bad as their badge claims, but still, they only get a
> C. (They support only one version: TLS 1.0.) I would've thought a big
> Web property like Yahoo could do better. :(
Why is this any different to a web browser showing a padlock to users
that means you're secure?
More information about the cryptography