With the furore over Heartbleed and the seemingly regular database intrusions we hear about these days, all manner of companies are taking security a little more seriously. eBay, for instance, recently stepped up its game, killing support for SSL 3.0. It doesn’t mean much to the daily experience, but it’s a step in the right direction.
Outwardly, the change won’t make a lick of difference to the majority of users, unless you’re running versions of Internet Explorer older than 7 or Opera below version 5.
In fact, so outdated is SSL 3.0, it’s likely other sites have dumped the protocol already and due to the prevalence of modern browsers, no one has noticed.
Given eBay is a major commerce site, the importance is greater here, with the eBay statement declaring it a “precautionary measure”:
What is SSLV3?
SSLV3, or SSL 3.0, is an Internet security protocol that was designed to ensure secure connections when surfing on the Internet. It is widespread, 18 years old, and has largely been replaced by modern protocols, such as Transport Layer Security (TLS).
How will eBay disabling SSLV3/SSL3.0 support impact me?
eBay is disabling support for SSL 3.0 as a precautionary measure. Most customers will not see any impact from this change when using eBay. However, a very small percentage of customers using older versions of browsers without support for the newer, more secure protocol will experience issues using eBay and will need to update their browser.
Firefox, Chrome and Safari users have nothing to worry about, but if for some bizarre reason you’re trucking along with IE 6… well, you’ve got bigger problems than accessing eBay.
General Announcements [eBay]