Wastholm.com

Bookmark

SSL and TLS 1.0 No Longer Acceptable for PCI Compliance

blog.varonis.com/ssl-and-tls-1-0-no-longer-acceptable-for-pci-compliance/, posted 2016 by peter in communication networking security

The PCI Council says you must remove completely support for SSL 3.0 and TLS 1.0. In short: servers and clients should disable SSL and then preferably transition everything to TLS 1.2.

However, TLS 1.1 can be acceptable if configured properly. The Council points to a NISTpublication that tells you how to do this configuration.

Your Host

Hello,

[photo]

my name is Peter Wastholm and I'm a consultant and entrepreneur i Stockholm, Sweden. Here's a presentation, of sorts. You can also find me here:

mastodon.social/@wastholm | linkedin.com/in/wastholm

Version 3.19.34-587. © Wastholm Media 1997–2024. All rights reserved. Please enjoy responsibly. Void where prohibited by law. Viewer discretion is advised. This is not a flotation device.

Masthead image: torange-biz @ Flickr.com. Слава Україні!

More Sites and Experiments