>From 30 June 2018, TLSv1 is being deprecated by the PCI Data Security Standard (PCI DSS) for safeguarding online payment data.
Even if your servers do not accept online payments, most security scanning software will expect this standard. Note the TLS level is primarily determined by the server, provided the client supports modern protocols. Windows Internet Explorer 10 and earlier on Vista and XP and Android 4.3 and earlier only support TLSv1, but MSIE 11 on Windows 7 and later supports TLSv1.2, as does Firefox. So ICS web, FTP, mail, proxy and other servers should be configured to support TLSv1.1 as a minimum. This can be done using the SslContext, setting SslMinVersion := sslVerTLS1_1; for ICS V8.27 and later (two years ago). If you are on an earlier version, you should really update to the latest ICS, SSL is improving all the time. If the server uses new IcsHosts configuration, setting SslSrvSecurity to sslSrvSecInter or sslSrvSecInterFS now sets minimum TLSv1.1, and this is also the default if not otherwise set. Angus -- To unsubscribe or change your settings for TWSocket mailing list please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
