While going through the CIS benchmark for IIS 7.0/7.5 (CIS_Microsoft_IIS_7_Benchmark_v1.3.0.pdf), I found that in section 1.1.10, Use Only Strong Encryption Protocols, it is mentioned as follows:
To enable the SSL 3.0 protocol on R2 and SP2, ensure the following key does not exist. If the key does exist, ensure it is set to ffffffff.
HKLM\System\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Server\Enabled
But I see in many forums/blogs that to enable SSL 3.0 on IIS 7.0/7.5 they set the above registry key to 1 and not ffffffff.
IIS 7.0/7.5 CIS Security Benchmark clarification