SSLv3 Disabled
In response to the recent POODLE vulnerability in SSLv3, I have disabled SSLv3 support in anything of mine which speaks SSL/TLS. All connections are running TLSv1.0, TLSv1.1, or TLSv1.2 now. I have also reviewed the list of ciphers in the mozilla wiki, and updated mine as needed.
I have been experimenting with turning off SSLv3 support periodically over the past year. At one point in the sprint, GoogleBot stopped visiting my site as it required SSLv3 at the time. This apparently changed in June of this year to include TLSv1.0 at least.
Now that I’ve disabled SSLv3 support, I’m experimenting with logging the combination of ssl_protocol/ssl_cipher. So far after a few minutes, it is TLSv1.2/ECDHE-RSA-AES128-GCM-SHA256
for 100% of 9 requests logged. :-)