Author dstufft
Recipients Arfrever, alex, benjamin.peterson, christian.heimes, dstufft, ezio.melotti, lemburg, ncoghlan, pitrou, r.david.murray, vstinner
Date 2014-03-21.13:16:26
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1395407787.06.0.461598052403.issue20995@psf.upfronthosting.co.za>
In-reply-to
Content
As I said earlier Antoine, doing that puts PFS RC4 before non PFS AES. That isn't good because RC4 key stream bias makes it extremely fragile. RC4 needs to be in the default ciphers for compatibility sake but it should be dead last so that it's only used as a last ditch effort because it should *not* be considered generally secure anymore.
History
Date User Action Args
2014-03-21 13:16:27dstufftsetrecipients: + dstufft, lemburg, ncoghlan, pitrou, vstinner, christian.heimes, benjamin.peterson, ezio.melotti, Arfrever, alex, r.david.murray
2014-03-21 13:16:27dstufftsetmessageid: <1395407787.06.0.461598052403.issue20995@psf.upfronthosting.co.za>
2014-03-21 13:16:27dstufftlinkissue20995 messages
2014-03-21 13:16:26dstufftcreate