I see that there is a SOAP_SSL_METHOD parameters in the SoapClient, but the details on what it does and how it does it are not as specific. There is a comment on the PHP documentations that the SoapClient in php defaults to SSLv23, but is this method sufficient to prevent Man-in-the-middle degradation attacks that might fall back or otherwise enable an SSLv3 Poodle based attack?
i.e. is the default sufficient protection from this known exploit or should another SOAP_SSL_METHOD be specified when invoking a php based SoapClient call?
