SEMI-OT: Prohibiting RC4 Cipher Suites
Stefan Neufeind
dane-users at stefan-neufeind.de
Fri Feb 20 19:42:02 CET 2015
On 02/20/2015 07:26 PM, Patrick Ben Koetter wrote:
> A little off topic for DANE users, but somehow in scope. You might consider
> disabling RC4 in your servers cipher suite. IETF released an RFC requiring
>
> (...) that Transport Layer Security (TLS) clients and servers never
> negotiate the use of RC4 cipher suites when they establish connections.
> This applies to all TLS versions. This document updates RFCs 5246, 4346,
> and 2246.
> -- Prohibiting RC4 Cipher Suites, https://tools.ietf.org/rfc/rfc7465.txt
How about support (as a fallback) for older clients? How "safe" (no pun
intended) is it to disable as of today?
Kind regards,
Stefan
More information about the dane-users
mailing list