On Saturday, July 25, 2015 01:18:49 pm Viktor Dukhovni wrote:
> I would go further, and say that "prohibiting RC4" in any sense
> that is more than prohibiting its use as the final outcome of a
> handshake would be a rather counter-productive strategy.
>
> Servers and clients are strongly encouraged to not choose it, but
> to reject connections from peers that offer it for interoperability
> with others would just create a mess that would be operationally
> challenging. RC4 is dying, just let it fade away into insignificance.

I agree. The current draft language of not offering or negotiating RC4 is fine, as-is. My proposal of stopping tolerance of garbage suite offers is just for <112-bit junk.

Dave

_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls