> And the strategies vary. It might be that we don't need to worry about this, > because we might have widely disabled RC4 by the time TLS > 1.3 ships.
"we" meaning browsers. "we" not being everyone who will use TLS 1.3 Ekr has pointed out a problem; if you connect with a protocol range and proffer RC4, can we do anything about it except point out multiple times that 1.3 servers MUST NOT accept it? _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
