I'm looking for an explanation to this:
I am using the site https://www.chase.com
as an example.
I use openSSL to verify that a site is using cipher sslv3.
I verified that it is NOT using sslv2 because I do not see the cert when I run command:
openssl s_client -connect chase:443 -ssl2
I then go into my IE browser version 9, tools < internet options < advanced < and uncheck SSLv3 and CHECK sslv2
Why is it that I can still browse to https://www.chase.com
and it works? My wireshark shows it using SSLV2. Shouldn't it break or tell me to upgrade?