We have did this about a year ago for the same PCI reasons and have not heard one complaint from any quarter.
On Wed, Feb 10, 2010 at 2:10 PM, paul d <[email protected]> wrote: > I haven't made the changes yet, Richard. But, yes, those are the changes > I'd make. I was just wondering if anybody had made the change and ran into > a problem. In 'googling', I ran across a message from someone running SBS > that said disabling 2.0 would stop IE6 users from accessing that server. > > ------------------------------ > Date: Wed, 10 Feb 2010 14:06:04 -0500 > Subject: Re: PCI compliance > From: [email protected] > > To: [email protected] > > How did you go about it? The registry changes at > [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL > 2.0] > and > > [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers]? > > Is it only one user, and only on IE6? > > On Wed, Feb 10, 2010 at 1:57 PM, paul d <[email protected]> wrote: > > We have failed our PCI compliance due to some servers having SSL 2.0 > enabled and "...the use of weak ciphers." > > Has anybody run into an issue whereby they disabled 2.0 and/or weak ciphers > and then users couldn't connect? > > Servers are W2000 and W2003. > > My main concern is that since our pay "stubs" are now online (running on > the w2003 box) and someone using IE6 can't connect. > > Thanks. > > ------------------------------ > Hotmail: Trusted email with Microsoft’s powerful SPAM protection. Sign up > now. <http://clk.atdmt.com/GBL/go/201469226/direct/01/> > > > > > > > > > > > > ------------------------------ > Hotmail: Trusted email with powerful SPAM protection. Sign up > now.<http://clk.atdmt.com/GBL/go/201469227/direct/01/> > > > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
