I was on an e-commerce site today, and was horrified when I saw the
following badge:
https://lib.store.yahoo.net/lib/yhst-11870311283124/secure.gif
Did they still have SSLv2 enabled? I checked, and luckily they don't:
https://www.ssllabs.com/ssltest/analyze.html?d=us-dc2-order.store.yahoo.net
So, it's not as bad as their badge claims, but still, they only get a
C. (They support only one version: TLS 1.0.) I would've thought a big
Web property like Yahoo could do better. :(
--Patrick
_______________________________________________
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography