Hello I checked now by sslLabs.com: https://www.ssllabs.com/ssltest/analyze.html?d=forums.freebsd.org and score is A+ But I don't think disable TLS 1.0 is ok. In test result paragraph: Handshake Simulation is informations that page will not work on: - Android 4.3 (and older) - IE 6,7,8 on XP/Vista - IE 8-10 on Win7 (TLS > 1.0 is disabled in default browser config) - old Java Very nice Web browser Secure protocols table: https://en.wikipedia.org/wiki/Transport_Layer_Security#Web_browsers Best Regards.
On Thu, 14 May 2015 12:19:55 +0200, Adam Major wrote: > Hello > > I checked now by sslLabs.com: > https://www.ssllabs.com/ssltest/analyze.html?d=forums.freebsd.org > > and score is A+ Ah, so it is now .. it was still B only half an hour ago :) > But I don't think disable TLS 1.0 is ok. If that's why I still can't connect to https://forums.freebsd.org/ then no, it's not too friendly. Was/Is it really necessary to disable it? cheers, Ian > In test result paragraph: Handshake Simulation is informations that > page will not work on: > - Android 4.3 (and older) > - IE 6,7,8 on XP/Vista > - IE 8-10 on Win7 (TLS > 1.0 is disabled in default browser config) > - old Java > > > Very nice Web browser Secure protocols table: > > https://en.wikipedia.org/wiki/Transport_Layer_Security#Web_browsers > > > Best Regards.
On Thu, May 14, 2015, at 05:19, Adam Major wrote:> Hello > > I checked now by sslLabs.com: > https://www.ssllabs.com/ssltest/analyze.html?d=forums.freebsd.org > > and score is A+ > > But I don't think disable TLS 1.0 is ok. >TLS 1.0 is dead and is even now banned in new installations according to the PCI DSS 3.1 standards. Nobody should expect TLS 1.0 to be supported by *any* HTTPS site now.