I changed this on some Exchange servers. I had no issues with people not being able to connect. I cant say for sure that I ever tested IE6, but I had a large enough user base that if something had broken I would have heard about it.
Jeremy From: paul d [mailto:[email protected]] Sent: Wednesday, February 10, 2010 11:11 AM To: NT System Admin Issues Subject: RE: PCI compliance I haven't made the changes yet, Richard. But, yes, those are the changes I'd make. I was just wondering if anybody had made the change and ran into a problem. In 'googling', I ran across a message from someone running SBS that said disabling 2.0 would stop IE6 users from accessing that server. ________________________________ Date: Wed, 10 Feb 2010 14:06:04 -0500 Subject: Re: PCI compliance From: [email protected] To: [email protected] How did you go about it? The registry changes at [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 2.0] and [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers]? Is it only one user, and only on IE6? On Wed, Feb 10, 2010 at 1:57 PM, paul d <[email protected]<mailto:[email protected]>> wrote: We have failed our PCI compliance due to some servers having SSL 2.0 enabled and "...the use of weak ciphers." Has anybody run into an issue whereby they disabled 2.0 and/or weak ciphers and then users couldn't connect? Servers are W2000 and W2003. My main concern is that since our pay "stubs" are now online (running on the w2003 box) and someone using IE6 can't connect. Thanks. ________________________________ Hotmail: Trusted email with Microsoft's powerful SPAM protection. Sign up now.<http://clk.atdmt.com/GBL/go/201469226/direct/01/> ________________________________ Hotmail: Trusted email with powerful SPAM protection. Sign up now.<http://clk.atdmt.com/GBL/go/201469227/direct/01/> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
