Clientside apps: definitly not
on Server side: i usually set an minimum tls version, The ciphers baseline of HIGH and removing some ciphers like sha1, CBC and any NULL Containing cipher
userbinator•15h ago
Yes they should. Enough with this authoritarian user-hostile attitude. I can't even connect to your site as you reject my ClientHello, and I'm not going to figure out why.
h2782•10h ago
"Those who can't do it teach it."
tatersolid•15h ago
“Safari can’t open the page because it couldn’t establish a secure connection to the server.”
Irony or satire?
LoganDark•15h ago
Satirony?
faeranne•15h ago
Not even curl can connect... seems whatever this is on about isn't important enough for them to let people even try to read.
jsnider3•15h ago
I'm not going to take security advice from someone whose website I can't open in https.
Site won't load so I can't see if it's advocating no choices or a different mechanism or granularity for choices.
But, say, itsec banning some tls1.2 "for compatibility reasons" options is less drastic than itsec just banning tls1.2 from the company network entirely.
stop50•4d ago