Earlier today, Google researchers disclosed a new vulnerability in the relatively old SSLv3 protocol. To protect WordPress.com visitors, we disabled SSLv3 support across all of WordPress.com (effective 2014-10-14 12:20 AM UTC). A very small percentage, somewhere less than 0.1% of WordPress.com total traffic was previously transmitted over SSLv3. Most of that traffic came from users using Internet Explorer 6 on Windows XP. In order to access any WordPress.com site over SSL, those users will need to either upgrade to and use a modern browser or a modern operating system. Of course, any unencrypted traffic (over HTTP) is unaffected by these changes. We are also looking into the possibility of mitigating the vulnerability and re-enabling SSLv3 support using Fallback SCSV, a solution proposed by Google researchers.
WordPress VIP Lobby 