[ic] {OT} hardening SSL without rejecting users

Peter peter at pajamian.dhs.org
Tue Apr 27 12:43:35 UTC 2010


On 27/04/10 14:17, Grant wrote:
> I've been advised to harden my SSL in the following ways:
> 
> 1. disable SSL 2.0
> 2. disable use of SSL ciphers which offer either weak or no encryption
> 3. disable anonymous SSL ciphers
> 
> Will some website users not be able to use https if I do this?

Users of Netscape Navigator versions prior to 2.0 and other extremely
old browsers from that era (1995).  In other words, odds are you won't
find any users that this change affects.


Peter




More information about the interchange-users mailing list