by Avamander 932 days ago
> Users who still rely on that have to use the old software, against which there can be barriers

Not all reliance is reasonable though.

Some legacy software can only do SSLv3 or lower, does that mean the rest of the internet has to carry that support around? Abso-f-lutely not.

The same applies here. If you really need that ancient stuff that loses support, repackage them in newer encryption or remove the obsolete layer. It's highly probable that information no longer needs to stay encrypted at rest anyways.

In my opinion, the Internet should not be removing support for older SSL. The highest SSL version that is common to server and client should always be used.
> The highest SSL version that is common to server and client should always be used.

That is how it works. What you're missing is that everyone, both servers and clients, agrees that supporting old SSL versions is a bad idea. And they're right.

Since I don't agree, it cannot be everyone.

More precisely, I don't agree with web clients not connecting to old servers.

Security done properly requires some sacrifices. Keeping old insecure versions working means exposing users to trivial ways of breaking encryption.

If that were the actual principle being accurately followed, the first feature to have been removed from browsers would have been plain HTTP before any version of SSL.

Plain HTTP is what people resort to when their browser refuses to connect to an old device or server using HTTPS, which is worse than old SSL.

No, because clear lack of security is better than faux security. With older SSL versions, it's security that even creates extra risk for all clients (by leaking server secrets and allowing ciphersuites that don't have PFS).