classification
Title: SSL module should not offer RC4 based cipher suites for clients by default
Type: Stage: resolved
Components: Library (Lib) Versions: Python 3.5, Python 3.4, Python 2.7
process
Status: closed Resolution: fixed
Dependencies: Superseder:
Assigned To: Nosy List: alex, christian.heimes, dstufft, giampaolo.rodola, icordasc, janssen, pitrou, python-dev
Priority: normal Keywords: patch

Created on 2015-02-19 00:54 by alex, last changed 2015-02-19 22:58 by python-dev. This issue is now closed.

Files
File name Uploaded Description Edit
rc4.diff alex, 2015-02-19 00:54 review
Messages (4)
msg236202 - (view) Author: Alex Gaynor (alex) * (Python committer) Date: 2015-02-19 00:54
In addition to the security concerns, it is now a violation of RFC7465 to offer a cipher suite with RC4 in a ClientHello: https://tools.ietf.org/html/rfc7465
msg236203 - (view) Author: Ian Cordasco (icordasc) * Date: 2015-02-19 00:56
It's clearly no longer acceptable to include RC4 when the IETF has felt it necessary to publish an RFC prohibiting its usage.
msg236238 - (view) Author: Antoine Pitrou (pitrou) * (Python committer) Date: 2015-02-19 22:22
Sounds fine to me. Should a test be added?
msg236240 - (view) Author: Roundup Robot (python-dev) Date: 2015-02-19 22:58
New changeset c509e6f18d7d by Benjamin Peterson in branch '3.4':
remove rc4 from the default client ciphers (closes #23481)
https://hg.python.org/cpython/rev/c509e6f18d7d

New changeset 3596081cfb55 by Benjamin Peterson in branch '2.7':
remove rc4 from the default client ciphers (closes #23481)
https://hg.python.org/cpython/rev/3596081cfb55

New changeset 041a27298cf3 by Benjamin Peterson in branch 'default':
merge 3.4 (#23481)
https://hg.python.org/cpython/rev/041a27298cf3
History
Date User Action Args
2015-03-16 17:40:40r.david.murrayunlinkissue23679 dependencies
2015-03-16 16:38:21benjamin.petersonlinkissue23679 dependencies
2015-02-19 22:58:26python-devsetstatus: open -> closed

nosy: + python-dev
messages: + msg236240

resolution: fixed
stage: resolved
2015-02-19 22:22:52pitrousetmessages: + msg236238
2015-02-19 00:56:55icordascsetnosy: + icordasc
messages: + msg236203
2015-02-19 00:54:56alexcreate