[AusNOG] Issues receiving from TPG Mail servers.
newton at atdot.dotat.org
Mon Jul 23 15:36:45 EST 2018
> On Jul 23, 2018, at 3:27 PM, Rob Thomas <xrobau at gmail.com> wrote:
>> But shouldn't your public mail server be out of scope for PCI?
> Here, ladies and gentlemen, is a nerd that has never encountered the
> insanity and conflicting information that is PCI. Be quiet, we don't
> want to scare it.
> In all seriousness, yes, they will fail you if you have anything
> listening on a machine that accepts TLS1.0 connections.
Then you push back, and they don’t.
That’s how it works.
If you have an incompetent auditor and you’re a passive customer, you’re going to have a bad time.
If you know what you’re doing, know where the boundaries of the CDE are, and know what the PCI-DSS spec actually says, and push back on the auditor’s nonsense when they step out of bounds, then you’ll have a better time.
You’re the auditor’s customer. You have a right to expect that they aren’t shit.