Hi Nick,
funnily enough that SSL3 question landed on my desk on Friday in regard of Transport Layer Security in PI.
I used two OSS Notes to get to the conclusion:
I used Section 7 of this OSS Note: 510007 - Setting up SSL on Web Application Server ABAP
and
this Note: 1433874 - SapSSLReloadCred fix, SSLv3/TLSv1.0 configurability, GOST
Basically there's a profile parameter which needs to be set to configure the system to use TLS instead of SSL3 and that is described in section 7 of 510007.
Kind regards,
Andy.
p.s. I am also not hard core Security, hence putting questions here and seeking the advice of others to fill the gaps in knowledge and put doubts to rest :-)