Qualys has updated its rating guide and testing application for websites with SSL/TLS, to enforce stricter requirements in light of new attacks on older protocol versions and cipher suites. Like any practical deployment of cryptography, it continues to appear that getting TLS right is non-trivial at best.