GSA/https

Windows XP

Closed this issue · 4 comments

List the issues that Windows XP support raises:

  • No ECDSA support
  • No SNI support
  • No SHA-2 support (for SP2 and below)

A decision to not support Windows XP can thus save money, improve security, and increase website performance.

Point out the overall (low) number on analytics.usa.gov, and encourage agencies to evaluate, on a site-by-site basis using site-specific analytics, whether Windows XP support needs to be a requirement.
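An added example, not part of the original issue or the GSA/https project: one way to do the site-by-site evaluation is to measure the share of Windows XP requests in a site's own access logs, split by browser family. The log lines are constructed, and the function names and the combined-log-format layout are assumptions of this example.

```python
import re
from collections import Counter

# Constructed sample lines in combined log format (assumption); not real traffic.
SAMPLE_LOG = '''\
203.0.113.5 - - [10/Mar/2015:10:00:01 +0000] "GET / HTTP/1.1" 200 512 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)"
203.0.113.6 - - [10/Mar/2015:10:00:02 +0000] "GET / HTTP/1.1" 200 512 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"
203.0.113.7 - - [10/Mar/2015:10:00:03 +0000] "GET / HTTP/1.1" 200 512 "-" "Mozilla/5.0 (Windows NT 5.1; rv:36.0) Gecko/20100101 Firefox/36.0"
203.0.113.8 - - [10/Mar/2015:10:00:04 +0000] "GET / HTTP/1.1" 200 512 "-" "Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.89 Safari/537.36"
203.0.113.9 - - [10/Mar/2015:10:00:05 +0000] "GET / HTTP/1.1" 200 512 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.89 Safari/537.36"
203.0.113.10 - - [10/Mar/2015:10:00:06 +0000] "GET / HTTP/1.1" 200 512 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:36.0) Gecko/20100101 Firefox/36.0"
203.0.113.11 - - [10/Mar/2015:10:00:07 +0000] "GET / HTTP/1.1" 200 512 "-" "Mozilla/5.0 (Windows NT 6.3; Trident/7.0; rv:11.0) like Gecko"
203.0.113.12 - - [10/Mar/2015:10:00:08 +0000] "GET / HTTP/1.1" 200 512 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_2) AppleWebKit/600.3.18 (KHTML, like Gecko) Version/8.0.3 Safari/600.3.18"
truncated line with no quoted fields
'''

UA_RE = re.compile(r'"([^"]*)"\s*$')  # last quoted field is the User-Agent
# NT 5.1 is XP; NT 5.2 is XP x64 (and also Server 2003).
XP_RE = re.compile(r'Windows NT 5\.[12]\b|Windows XP')

def classify(user_agent):
    """Return None for non-XP clients, else the browser family on XP."""
    if not XP_RE.search(user_agent):
        return None
    if 'MSIE' in user_agent:
        return 'ie'
    if 'Firefox/' in user_agent:
        return 'firefox'
    if 'Chrome/' in user_agent:
        return 'chrome'
    return 'other'

def xp_share(lines):
    """Return (parsed requests, Counter of XP requests by browser, XP percent)."""
    total, xp = 0, Counter()
    for line in lines:
        match = UA_RE.search(line)
        if not match:
            continue  # skip lines that do not parse instead of miscounting
        total += 1
        family = classify(match.group(1))
        if family:
            xp[family] += 1
    percent = 100.0 * sum(xp.values()) / total if total else 0.0
    return total, xp, percent

if __name__ == '__main__':
    print(xp_share(SAMPLE_LOG.splitlines()))
```

User-Agent strings can be spoofed or stripped, so the result is an estimate of the XP share rather than an exact count.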

acdha commented

Do you think it's worth suggesting that sites look into tools like MED-V (https://technet.microsoft.com/en-us/library/gg699692.aspx) to demote XP / IE6 from the default experience to a fallback VM for specific internal apps which cannot yet be replaced?

Seems at least worth a paragraph! Do you want to write one?

Add to that the lack of certain root certificates, which affects IE and Chrome's ability to connect to secure sites. Firefox is unaffected because it uses its own SSL/TLS stack and certificate store.

I'm going to close this issue, as SHA-2 and SNI are each covered better now in expanded pages on the site, and SNI has been rewritten to emphasize the role XP+IE plays in compatibility.

@WilliamFeely That seems like a separate issue from this thread's topic, but feel free to open another issue or pull request if you'd like to discuss it further.