killing RC4 in Chrome
tedks at riseup.net
Thu Sep 18 13:16:53 PDT 2014
On Thu, 2014-09-18 at 20:29 +0200, rysiek wrote:
> Dnia czwartek, 18 września 2014 11:10:55 Ted Smith pisze:
> > There's sort of a chicken/egg problem here.
> > You can actually just disable them in configuration; in Firefox, you can
> > just go to about:config and set all the security.*.rc4* to false instead
> > of true.
> > However, this breaks a *lot* of sites, including some big ones.
> Time for a little name and shame?
This was a while ago and I've forgotten, though it was enough to be
It'd be pretty easy to write a script that harvested the allowed
ciphersuites from the top Alexa sites, if you were really interested.
The EFF's HTTPS Observatory might also have this information.
Sent from Ubuntu
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 836 bytes
Desc: This is a digitally signed message part
More information about the cypherpunks