Message 214360 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	dstufft
Recipients	Arfrever, alex, benjamin.peterson, christian.heimes, dstufft, ezio.melotti, lemburg, ncoghlan, pitrou, r.david.murray, vstinner
Date	2014-03-21.13:16:26
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1395407787.06.0.461598052403.issue20995@psf.upfronthosting.co.za>
In-reply-to

Content
As I said earlier Antoine, doing that puts PFS RC4 before non PFS AES. That isn't good because RC4 key stream bias makes it extremely fragile. RC4 needs to be in the default ciphers for compatibility sake but it should be dead last so that it's only used as a last ditch effort because it should not be considered generally secure anymore.

As I said earlier Antoine, doing that puts PFS RC4 before non PFS AES. That isn't good because RC4 key stream bias makes it extremely fragile. RC4 needs to be in the default ciphers for compatibility sake but it should be dead last so that it's only used as a last ditch effort because it should *not* be considered generally secure anymore.

History
Date	User	Action	Args
2014-03-21 13:16:27	dstufft	set	recipients: + dstufft, lemburg, ncoghlan, pitrou, vstinner, christian.heimes, benjamin.peterson, ezio.melotti, Arfrever, alex, r.david.murray
2014-03-21 13:16:27	dstufft	set	messageid: <1395407787.06.0.461598052403.issue20995@psf.upfronthosting.co.za>
2014-03-21 13:16:27	dstufft	link	issue20995 messages
2014-03-21 13:16:26	dstufft	create