Here's the updated connection table: SSL2 SSL3 SS23 TLS1 SSL2 yes no yes no SSL3 yes yes yes no SSL23 yes no yes no TLS1 no no yes yes Given this, I think the client-side default should be changed from SSLv23 to SSLv3, and the server-side default should be SSLv23. Bill