我是否通过在IIS5中禁用SSL 2.0和PCT 1.0来拒绝客户? [英] Am I turning away customers by disabling SSL 2.0 and PCT 1.0 in IIS5?

问题描述

通过在IIS5中禁用SSL 2.0和PCT 1.0，是否有失去销售的风险?

Do I risk losing sales by disabling SSL 2.0 and PCT 1.0 in IIS5?

说明:由于无法在Web服务器上禁用SSL 2.0或PCT 1.0，因此客户无法通过SSL连接以完成电子商务交易，因此将损失销售收入.

Clarification: Sales would be lost by client not being able to connect via SSL to complete ecommerce transaction because SSL 2.0 or PCT 1.0 is disabled on the web server.

Microsoft kbase文章: http://support.microsoft.com/kb/187498

Microsoft kbase article: http://support.microsoft.com/kb/187498

推荐答案

现代浏览器似乎根本不支持SSLv2(Google Chrome，Opera 9.52，Firefox)，或者默认情况下将其禁用(IE7，IE8).

Modern browsers either don't appear to support SSLv2 at all (Google Chrome, Opera 9.52, Firefox) or have it disabled by default (IE7, IE8).

也就是说，您担心使用比现代少得多的Web浏览器的人们失去业务吗?

That said, are you concerned about losing business from people using much-less-than-modern web browsers?

更重要的是，您是否担心客户的安全?即使他们只能使用SSLv2进行连接，您是否也希望他们使用已知不安全的协议与您执行安全交易(请参见 Google )?

Possibly more importantly, are you concerned about your customers' security? Even if they can only connect using SSLv2, do you want them performing secure transactions with you using a protocol that is known to be insecure (see Google)?

作为计算机专业人员，我会毫不犹豫地建议管理部门禁用SSLv2.我将由bean柜台来决定他们是否认为额外收入值得潜在的负债.

As a computer professional, I would not hesitate to recommend to management that SSLv2 be disabled. I would leave it up to the bean counters to determine whether they think the additional income is worth the potential liability.

这篇关于我是否通过在IIS5中禁用SSL 2.0和PCT 1.0来拒绝客户?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！