Hi
First a disclaimer, I am not a professional SSL/TLS-dude :)
From what I gather, with TLS 1.0 and the BEAST attack, only non-CBC-mode ciphers (i.e. RC4) are still "secure".
TLS 1.1 mitigated that attack vector.
Consider a case when the server needs to support TLS 1.0 and TLS 1.1:
As far as I understand it, there's no way to configure the server to only allow the RC4-ciphers for TLS 1.0 and still allow the CBC-mode ciphers for TLS 1.1.
As per the TLS RFCs, shouldn't it be possible since the first message (ClientHello) in the handshake contains all the protocol versions and ciphers the client supports?
Checked mod_ssl and mod_gnutls for the unmentionable and it seems like they can't do it either.
Cheers!
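The selection logic asked about above, as an added example that is not part of the original post and is not mod_ssl or mod_gnutls code: it parses a ClientHello, settles the protocol version, and only then picks a cipher suite from a per-version list. The `POLICY` table, the function names and the sample messages are assumptions constructed for illustration; the cipher suite IDs are the IANA values.

```python
import struct

TLS10, TLS11 = 0x0301, 0x0302
# IANA cipher suite IDs: 0x0005/0x0004 are RSA+RC4 (SHA/MD5);
# 0x002F/0x0035/0x000A are RSA + AES-128/AES-256/3DES in CBC mode.
# Hypothetical policy table (an assumption): server preference per negotiated version.
POLICY = {
    TLS10: [0x0005, 0x0004],                  # TLS 1.0: RC4 only
    TLS11: [0x002F, 0x0035, 0x000A, 0x0005],  # TLS 1.1: CBC suites allowed
}

def parse_client_hello(msg):
    """Return (client_version, [cipher suite ids]) from a ClientHello handshake message."""
    if len(msg) < 4 or msg[0] != 1:           # handshake type 1 = client_hello
        raise ValueError("not a ClientHello")
    body_len = int.from_bytes(msg[1:4], "big")
    body = msg[4:4 + body_len]
    if len(body) != body_len or body_len < 35:
        raise ValueError("truncated ClientHello")
    (version,) = struct.unpack("!H", body[:2])
    pos = 34                                  # skip client_version (2) + random (32)
    pos += 1 + body[pos]                      # skip session_id
    if pos + 2 > len(body):
        raise ValueError("truncated ClientHello")
    (n,) = struct.unpack("!H", body[pos:pos + 2])
    raw = body[pos + 2:pos + 2 + n]
    if n % 2 or len(raw) != n:
        raise ValueError("bad cipher_suites vector")
    return version, [int.from_bytes(raw[i:i + 2], "big") for i in range(0, n, 2)]

def select(msg, server_max=TLS11):
    """Return (version, suite); suite is None when the policy leaves nothing to offer."""
    client_version, offered = parse_client_hello(msg)
    # The ClientHello carries the highest version the client supports, so the
    # version is fixed first and the cipher list is filtered against it.
    version = min(client_version, server_max)
    for suite in POLICY.get(version, []):
        if suite in offered:
            return version, suite
    return version, None                      # server would send handshake_failure

def build_hello(version, suites):
    """Constructed sample ClientHello: zero random, empty session id, null compression."""
    body = struct.pack("!H", version) + bytes(32) + b"\x00"
    body += struct.pack("!H", 2 * len(suites))
    body += b"".join(struct.pack("!H", s) for s in suites) + b"\x01\x00"
    return b"\x01" + len(body).to_bytes(3, "big") + body
```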