Duane wrote: > Ram A M wrote: > > > I have SSL2 disabled and AFAIK it has not limited my access to sites in > > a long time. Perhaps it is time to retire SSL2 in the default config. > > I have had problems with one domain registrar using it...
Yep me too, it seems netsol still requires SSL2. I wonder how many sites that require SSL2 do so because they are misconfigured accidentally. Anyone know a good reason to support only SSL2 in cases where SSL3 or TLS support is available in the same server (perhaps some old SSL enabled load balancers)? A quick peak reveals that netsol uses Netscape Enterprise 6.x which supports SSL3. I also checked and the AOL site mentioned in an earlier thread and it uses IIS6 which seems to support SSL3 or TLS when run at https:/www.microsoft.com . Both these sites could turn on SSL3/TLS if they wanted to. Anyone know of a non-small site that operates SSL2 using a server that can't do SSL3? _______________________________________________ Mozilla-security mailing list Mozilla-security@mozilla.org http://mail.mozilla.org/listinfo/mozilla-security
