assurance - Re: [Assurance] RC4 encryption
Subject: Assurance
List archive
- From: "Cantor, Scott" <>
- To: "" <>
- Subject: Re: [Assurance] RC4 encryption
- Date: Tue, 26 Feb 2013 16:44:16 +0000
- Accept-language: en-US
- Authentication-results: sfpop-ironport02.merit.edu; dkim=neutral (message not signed) header.i=none
On 2/26/13 11:39 AM, "Capehart,Jeffrey D"
<>
wrote:
>RC4 used as a symmetric key cipher negotiated during the Public-Key
>Cryptographic exchange with SSL protects the key which could be partly
>why it was allowed for limited use in the NIST SSL/TLS document as an
>exception.
>
>There was more to it than that, but that was the gist I got.
RC4 is also, at the moment, the best cipher available in widely deployable
TLS configuration, because most of the others use CBC mode and are
vulnerable unless newer TLS versions are used.
Basically, the current practice is to get RC4 promoted to the top of the
cipher list until all your clients support TLS 1.2.
I don't think this has anything to do with other uses of RC4.
-- Scott
- RE: [Assurance] RC4 encryption, Capehart,Jeffrey D, 02/26/2013
- Re: [Assurance] RC4 encryption, Cantor, Scott, 02/26/2013
Archive powered by MHonArc 2.6.16.