I approach this Qualys community with what I expect is a more general interest in SSL and TLS.
I would like help putting in perspective bad ssl/tls server configurations.
Do I have cause for alarm if a server receives a poor grade on the ssl server test, even if I am using an up-to-date browser to communicate with the server?
As an example, what do I risk if I have a shopping experience with a server over a TLS 1.2 connection, even though the server also supports SSL 2.0?
Does support for insecure protocols or bad cipher suites potentially compromise access to a server, or only what is being transmitted to and from the server over those insecure connections?
Thank you and I look forward to a response.