!!! Overview
[{$pagename}] ([RFC 7568]) was released in [1996|Year 1996], the [SSLv3] protocol [RFC 6101] has been subject to a long series of [attacks], both on its [key-Exchange] mechanism and on the [encryption] schemes it supports.  

Despite being replaced by: 
* [TLS 1.0] [RFC 2246] in [1999|Year 1999]
* [TLS 1.1] in [2002|Year 2002] [RFC 4346] 
* [TLS 1.2] in [2006|Year 2006] [RFC 5246]
availability of these replacement versions has not been universal. As a result, many implementations of [TLS] have permitted the negotiation of [SSLv3].

The predecessor of [SSLv3], [SSL version 2|SSLv2], is no longer considered sufficiently secure [RFC 6176].  [SSLv3] now follows.

!! 3.  Do Not Use SSL Version 3.0
[SSLv3] [MUST NOT] be used.  Negotiation of [SSLv3] from any version of [TLS] [MUST NOT] be permitted.

Any version of [TLS] is more secure than [SSLv3], though the highest version available is preferable.

Pragmatically, clients [MUST NOT] send a [ClientHello] with [ClientHello].client_version set to {03,00}.  Similarly, servers [MUST NOT] send a [ServerHello] with [ServerHello].server_version set to {03,00}.  Any party receiving a Hello message with the [protocol] version set to {03,00} [MUST] respond with a "protocol_version" alert message and close the connection.

!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]