On Fri, Aug 11, 2017 at 02:52:56PM +0200, Marco d'Itri wrote: > On Aug 11, Marco d'Itri <m...@linux.it> wrote: > > > but I see on your link that Android pre-5.x still has a ~25% market > > share, so unless it will drop a lot in the next year I do not think that > > we can cut them off from Debian-based web servers. > OTOH if the PCI council says that TLS < 1.2 has to go by june 2018 then > this will probably not be such a big deal: > > https://www.fastly.com/blog/phase-two-our-tls-10-and-11-deprecation-plan/ >...
Based on the PCI document they are linking to[1], the claim that the PCI council said that TLS 1.1 also has to go by june 2018 is not true: The best response is to disable SSL entirely and migrate to a more modern encryption protocol, which at the time of publication is a minimum of TLS v1.1, although entities are strongly encouraged to consider TLS v1.2. > ciao, > Marco cu Adrian [1] https://www.pcisecuritystandards.org/documents/Migrating_from_SSL_Early_TLS_Information%20Supplement_v1.pdf -- "Is there not promise of rain?" Ling Tan asked suddenly out of the darkness. There had been need of rain for many days. "Only a promise," Lao Er said. Pearl S. Buck - Dragon Seed
