New submission from Alex Gaynor: In addition to the security concerns, it is now a violation of RFC7465 to offer a cipher suite with RC4 in a ClientHello: https://tools.ietf.org/html/rfc7465
---------- components: Library (Lib) files: rc4.diff keywords: patch messages: 236202 nosy: alex, christian.heimes, dstufft, giampaolo.rodola, janssen, pitrou priority: normal severity: normal status: open title: SSL module should not offer RC4 based cipher suites for clients by default versions: Python 2.7, Python 3.4, Python 3.5 Added file: http://bugs.python.org/file38176/rc4.diff _______________________________________ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/issue23481> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
