It seems that now, or soon, it may be a requirement to disable TLS 1.0 on your site in order to be PCI compliant: https://code.google.com/p/chromium/issues/detail?id=375342#c44 ….
@Nick_Lowe My understanding is that the server will fail audit if it has any CBC cipher suites enabled and TLS 1.0 enabled, or RC4 enabled.
-
-
@BRIAN_____ Why though when it's a client vulnerability and one that's patched in all the browsers? -
@BRIAN_____ There are many other worse things that such clients are vulnerable to if they're unpatched...
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.