Supported Protocols: TLS & SSL
Context: The Wormly SSL Tester identifies the protocols supported by an SSL web server.
The term “SSL” is, in practise, a blanket term which is used to describe a number of underlying protocols which can be used to establish a secure communications channel.
Specifically, modern systems tend to use the TLS Version 1.0 protocol or, to a lesser extent, the SSL Version 3.0 (SSLv3) protocol.
In practise, so long as your server supports the TLS or SSLv3 (and preferably both) protocols your system should be secure and compatible with the vast majority of possible clients.
Some years ago, an earlier version of the SSL protocol - SSLv2 - was in widespread use. In the intervening time it has been shown to be fundamentally insecure and as such its’ use is strongly discouraged. Most modern clients do not support SSLv2 at all, and supporting SSLv2 can cause your web server to fail a number of security audits - including Payment Card Industry (PCI) certification.
Accordingly, the Wormly SSL Tester reports the presence of SSLv2 support and penalizes a servers’ score accordingly.