SSLv3 disabled on

Post date: Oct 15, 2014 2:59:02 PM

In response to the SSLv3 POODLE vulnerability, we have disabled support for SSLv3 at TLS is now required for access. We do not see any recent use of SSLv3 in our logs, so we do not expect this change to cause compatibility problems for CILogon users. We have also updated our cipher list according to the latest Mozilla Server Side TLS Guidance and have enabled HTTP Strict Transport Security (HSTS). As always, please contact if you experience problems or have questions/comments.