[wp-trac] [WordPress Trac] #36320: PayPal 2016 merchant security upgrades - Core defaults need to be changed
WordPress Trac
noreply at wordpress.org
Mon Apr 4 17:34:59 UTC 2016
#36320: PayPal 2016 merchant security upgrades - Core defaults need to be changed
--------------------------+------------------------
Reporter: reidbusi | Owner:
Type: defect (bug) | Status: closed
Priority: normal | Milestone:
Component: HTTP API | Version: 4.4.2
Severity: major | Resolution: duplicate
Keywords: | Focuses:
--------------------------+------------------------
Comment (by reidbusi):
Replying to [comment:26 mikejolley]:
I see the current code in Woo master tree is using the integer value of
the constant now, but you might as well just set it to 6, since it is only
affecting paypal the way you have it written, and paypal will not allow
anything other than TLS 1.2 (currently on sandbox and also on live as of
June 17th).
So there is no sense in allowing negotiation, it is detrimental, as some
hosts (like mine) cannot do the negotiation anyway.
Basically, paypal is only allowing TLS 1.2 so there is no sense setting it
to 1 which is more likely to fail, when you can just set it to six which
is required anyway.
Just my thoughts.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/36320#comment:27>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list