Mark Dain
So my bank's website is vulnerable to POODLE, doesn't have forward secrecy, doesn't support anything higher than TLS 1.0 and the cert uses SHA1. There has to be some regulation against this, right (SSL Labs says it's "PCI Compliant")? I don't think they're taking this seriously or maybe it's to support XP? ssllabs.com/ssltes...
8y, 28w
5 replies
¬