Important!!! Are You Ready for 30 June 2018? Saying Goodbye to SSL/early TLS
 

https://blog.pcisecuritystandards.org/are-you-ready-for-30-june-2018-sayin-goodbye-to-ssl-early-tls

Some say it is going to be "illegal" to use IE6-10

https://scontent.fhel2-1.fna.fbcdn.net/v/t1.0-9/23915497_1618181404894529_7957804125984914032_n.pn g?oh=0fbdb2b451de009cf97b7c7bbb049c0e&oe=5AA11F10

Re: Important!!! Are You Ready for 30 June 2018? Saying Goodbye to SSL/early TLS
 

This also says "Additionally, use of weak cipher suites or unapproved algorithms – e.g., RC4, MD5, and others – is not allowed."

XC uses MD5 for hashing just about everywhere...

Same should apply to earlier versions of Chrome, Firefox, etc
So yes I guess we are going back to the really annoying messages showing on sites - please update your browser or use blah-blah-blah...

Maybe off topic but I don't hear PCI council saying anything about the Equifax case. This just makes PCI not creditable in my eyes at all... But they are the ones writing the rules for everyone to follow.

Re: Important!!! Are You Ready for 30 June 2018? Saying Goodbye to SSL/early TLS
 

MD5 "....has been found to suffer from extensive vulnerabilities" (sic) and, it's not the only dated security process that XC are/was using.
We'll be re-inspecting some particular bug fixes once the next upgrades are available at Merchant Wave.We exclude SSL 1.0, 2.0, 3.0 and TLS 1.0 by default and are using TLS 1.2 and TLS 1.3 ciphers only.
That means that some old browser and/or O/S users simply can't visit us at all. We're happy with that. C'est La Vie :D/ The PCI crowd, sadly, like many other "authorities" are in the do as we say, not do as we do club..:wink: