!!! Overview
[{$pagename}]

!! Appendix A2: Additional [PCI DSS] Requirements for Entities using [SSL]/early [TLS]

[SSL] and early [TLS] [SHOULD NOT] be used as a security control to meet these requirements. To support entities working to migrate away from SSL/early TLS, the following provisions are included:
* New implementations must not use SSL or early TLS as a security control.
* All service providers must provide a secure service offering by June 30, 2016.
* After June 30, 2018, all entities must have stopped use of [SSL]/early [TLS] as a security control, and use only secure versions of the protocol (an allowance for certain POS POI terminals is described in the last bullet below).
* Prior to June 30, 2018, existing implementations that use [SSL] and/or early [TLS] must have a formal Risk Mitigation and Migration Plan in place.
* [POS Terminal] POI terminals (and the [SSL]/[TLS] termination points to which they connect) that can be verified as not being susceptible to any known exploits for [SSL] and early [TLS], may continue using these as a security control after June 30, 2018. 

!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]