What are some compelling reasons (if any) to continue supporting RC4-based TLS ciphersuites? @BRIAN_____ @mozkeeler
-
-
Replying to @garrettr_
@garrettr_@mozkeeler For a browser or a server? Either way, the answer is "I'll make more money supporting it than not supporting it."1 reply 0 retweets 1 like -
Replying to @BRIAN_____
@BRIAN_____@mozkeeler For a server. I don't follow your second point...2 replies 0 retweets 0 likes -
Replying to @garrettr_
@garrettr_@mozkeeler Performance and technical issues other than "does the client support it or not" don't really matter so much now.1 reply 0 retweets 1 like -
Replying to @BRIAN_____
@BRIAN_____@mozkeeler Agreed, my concern would be clients who don't support other ciphersuites. Any idea approx. how many that is?3 replies 0 retweets 0 likes -
Replying to @garrettr_
@garrettr_@BRIAN_____ Win XP is the big one, and it's still disturbingly large. Fraction of XP users varies alot by product.1 reply 0 retweets 1 like -
-
Replying to @BRIAN_____
@BRIAN_____@garrettr_ good point. It is still MD5-only though, right?1 reply 0 retweets 0 likes
@j4cob @garrettr_ No, it is SHA-1. You can see it here: https://www.ssllabs.com/ssltest/viewClient.html?name=IE&version=6&platform=XP …. Also, SHA-1-HMAC vs. MD5-HMAC doesn't matter much anyway.
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.