On Fri, Mar 28, 2014, Viktor Dukhovni wrote: > On Fri, Mar 28, 2014 at 05:23:45PM +0000, Tim Hollebeek wrote: > > > Windows XP is no longer a supported operating system. If you > > require compatibility with it, use a non-default cipher suite. It > > really is time for RC4-SHA1 to go away. > > That's nice, but wishing it, does not make it so. There are still > many Windows 2003 servers running IIS and Exchange 2007, that only > support RC4-SHA1. >
Some have decided that CBC mode should be disabled or given lower priority in TLS versions below 1.1 due to certain attacks on CBC mode. That leaves RC4-SHA1 as all that is left. I'm not saying I agree with that, just observing that it happens. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org