SEMI-OT: Prohibiting RC4 Cipher Suites
ietf-dane at dukhovni.org
Fri Feb 20 20:03:04 CET 2015
On Fri, Feb 20, 2015 at 07:54:01PM +0100, Patrick Ben Koetter wrote:
> We've been running large (ISP) sites without RC4 and aNull for more than a
> year without any trouble. Personally I wouldn't hesitate to disable both.
I also think that disabling anonymous Diffie-Hellman on SMTP servers
is not a good idea or is at least pointless.
SMTP clients should IMHO only drop anonymous ciphersuites from
their TLS cipherlist if they are planning to do *something* with
More information about the dane-users