I'm not going to take security advice from someone whose website I can't open in https.

Clientside apps: definitly not on Server side: i usually set an minimum tls version, The ciphers baseline of HIGH and removing some ciphers like sha1, CBC and any NULL Containing cipher

https://web.archive.org/web/20250606081030/https://00f.net/2... given this seems to not accept (most?) TLS handshakes...

Site won't load so I can't see if it's advocating no choices or a different mechanism or granularity for choices.

But, say, itsec banning some tls1.2 "for compatibility reasons" options is less drastic than itsec just banning tls1.2 from the company network entirely.

ruh roh... "no secure protocols supported", per https://www.ssllabs.com/ssltest/analyze.html?d=00f.net

Yes they should. Enough with this authoritarian user-hostile attitude. I can't even connect to your site as you reject my ClientHello, and I'm not going to figure out why.

That's how I implemented it. Just with less checkboxes.

“Safari can’t open the page because it couldn’t establish a secure connection to the server.”

Irony or satire?