killing RC4 in Chrome

Cathal Garvey cathalgarvey at cathalgarvey.me
Thu Sep 18 03:26:23 PDT 2014


This is what occurred to me when I saw your first few mails on this
subject; how hard is it to just comment out the stupid algos in the
source for FF/Chrome, and just recompile? TLS negotiates available
algos, so there's probably a list somewhere of which algos to send to
the server; you could change nothing but that list and the algos would
simply never be advertised, negotiated, or used?

On 18/09/14 03:31, coderman wrote:
> https://twitter.com/grittygrease/status/512328703938797568
> 
> <grittygrease> Are you planning on dropping RC4 support in Chrome anytime soon?
> 
> <sleevi_> Not until I can work with @mikewest to get our mixed content
> detection improved and get @__apf__ on board for more sec-ui :)
> 

-- 
Twitter: @onetruecathal, @formabiolabs
Phone: +353876363185
Blog: http://indiebiotech.com
miniLock.io: JjmYYngs7akLZUjkvFkuYdsZ3PyPHSZRBKNm6qTYKZfAM
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0x988B9099.asc
Type: application/pgp-keys
Size: 6176 bytes
Desc: not available
URL: <https://lists.cpunks.org/pipermail/cypherpunks/attachments/20140918/d4077fa8/attachment-0002.key>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: OpenPGP digital signature
URL: <https://lists.cpunks.org/pipermail/cypherpunks/attachments/20140918/d4077fa8/attachment-0002.sig>


More information about the cypherpunks mailing list