One aside: I'm curious where Google suggests that App Engine should not be PCI-DSS compliant; this seems like a documentation issue that we should fix.
On Thursday, March 22, 2018 at 4:30:16 AM UTC-4, Samuel Melrose wrote: > > Thankfully, if using Cloudflare Enterprise, you can enable TLSv1.2+ only > and they move you to a different set of IP ranges to support this. > > I'm curious why Google are suggesting that App Engine shouldn't be PCI-DSS > compliance, since their site states it is, as well as being sold that way > by their account managers: > > https://cloud.google.com/security/compliance/pci-dss/ > > Are they going to remove that come June 30th when TLSv1.2+ becomes a > requirement, or they won't stop supporting the old ciphers on App Engine at > the GFE? > > On Thursday, March 22, 2018 at 5:46:36 AM UTC, Attila-Mihaly Balazs wrote: >> >> AFAIK cloudflare has that same cipher (as a very last resort - just like >> Google - so realistically 99.999% of the clients won't use it): >> https://github.com/cloudflare/sslconfig/blob/master/conf >> >> So, yeah, "auditors". >> > -- You received this message because you are subscribed to the Google Groups "Google App Engine" group. To unsubscribe from this group and stop receiving emails from it, send an email to google-appengine+unsubscr...@googlegroups.com. To post to this group, send email to google-appengine@googlegroups.com. Visit this group at https://groups.google.com/group/google-appengine. To view this discussion on the web visit https://groups.google.com/d/msgid/google-appengine/dd2f0ef8-207c-40be-ac05-e4cc2199d9c6%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.