Nadim Kobeissi <na...@nadim.cc> writes:

> AES-GCM is already prioritized over RC4, but unfortunately most browsers
> don't support AES-GCM yet, which is why RC4 remains as the secondary choice.
> In the case that AES-GCM is not supported, we use RC4 instead of AES-CBC in
> order to mitigate for BEAST. If you have alternate suggestions to this,
> please let me know.
This: http://tools.ietf.org/html/draft-gutmann-tls-encrypt-then-mac-03

pretty much cancels out about ten years' worth of attacks on SSL/TLS's integrity checking. The only downside is that browser support at the moment isn't there yet, although a number of TLS toolkits already handle it.

Peter.

_______________________________________________
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography
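The following is an added illustration of why the encrypt-then-MAC ordering in the draft linked above removes the padding-oracle class of attacks on CBC records; it is not code from the draft, from either poster, or from any TLS toolkit. It builds a classic TLS-style MAC-then-encrypt record (MAC computed over the plaintext, then padded and CBC-encrypted) next to an encrypt-then-MAC record (pad and CBC-encrypt, then MAC the ciphertext), and then plays the attacker: it tampers with one ciphertext byte in every possible way and counts how many different failure classes the receiver exposes. Assumptions, all constructed for the demo: fixed keys and IV, PKCS#7 padding in place of TLS's own padding scheme, and the MAC in the encrypt-then-MAC case covering only IV and ciphertext rather than the full record header the draft specifies.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Two failure classes a receiver may leak (by alert type or by timing).
// Padding-oracle attacks on TLS work precisely because these are distinguishable.
var (
	ErrBadPadding = errors.New("decryption_failed: bad padding")
	ErrBadMAC     = errors.New("bad_record_mac")
)

// Constructed demo constants. A real TLS session derives keys from the handshake
// and uses a fresh IV per record; fixed values are used only for determinism.
var (
	encKey = []byte("0123456789abcdef0123456789abcdef") // 32 bytes -> AES-256
	macKey = []byte("demo-mac-key-not-for-real-use!!!")
	iv     = []byte("demo-iv-16-bytes") // one AES block
)

// PKCS#7 padding stands in for TLS block padding (the oracle is of the same kind).
func pkcs7Pad(b []byte) []byte {
	n := aes.BlockSize - len(b)%aes.BlockSize
	return append(append([]byte{}, b...), bytes.Repeat([]byte{byte(n)}, n)...)
}

func pkcs7Unpad(b []byte) ([]byte, error) {
	if len(b) == 0 || len(b)%aes.BlockSize != 0 {
		return nil, ErrBadPadding
	}
	n := int(b[len(b)-1])
	if n == 0 || n > aes.BlockSize || n > len(b) {
		return nil, ErrBadPadding
	}
	for _, c := range b[len(b)-n:] {
		if int(c) != n {
			return nil, ErrBadPadding
		}
	}
	return b[:len(b)-n], nil
}

// cbc runs AES-CBC in one direction over a whole number of blocks.
func cbc(encrypt bool, in []byte) []byte {
	block, err := aes.NewCipher(encKey)
	if err != nil {
		panic(err)
	}
	out := make([]byte, len(in))
	if encrypt {
		cipher.NewCBCEncrypter(block, iv).CryptBlocks(out, in)
	} else {
		cipher.NewCBCDecrypter(block, iv).CryptBlocks(out, in)
	}
	return out
}

func mac(parts ...[]byte) []byte {
	h := hmac.New(sha256.New, macKey)
	for _, p := range parts {
		h.Write(p)
	}
	return h.Sum(nil)
}

// sealMtE: classic TLS CBC record, MAC-then-encrypt:
//   record = CBC( pad( plaintext || HMAC(plaintext) ) )
func sealMtE(pt []byte) []byte {
	return cbc(true, pkcs7Pad(append(append([]byte{}, pt...), mac(pt)...)))
}

// openMtE must decrypt and strip padding before it can even locate the MAC,
// so a forged record can fail in two distinguishable ways.
func openMtE(record []byte) ([]byte, error) {
	if len(record) == 0 || len(record)%aes.BlockSize != 0 {
		return nil, ErrBadPadding
	}
	body, err := pkcs7Unpad(cbc(false, record))
	if err != nil {
		return nil, err
	}
	if len(body) < sha256.Size {
		return nil, ErrBadMAC
	}
	pt, tag := body[:len(body)-sha256.Size], body[len(body)-sha256.Size:]
	if !hmac.Equal(tag, mac(pt)) {
		return nil, ErrBadMAC
	}
	return pt, nil
}

// sealEtM: encrypt-then-MAC in the spirit of draft-gutmann-tls-encrypt-then-mac:
//   record = CBC(pad(plaintext)) || HMAC(iv || ciphertext)
// (the draft also covers the record header; omitted here as a simplification)
func sealEtM(pt []byte) []byte {
	ct := cbc(true, pkcs7Pad(pt))
	return append(ct, mac(iv, ct)...)
}

// openEtM checks the tag over the ciphertext first: every tampered record is
// rejected with the same error before any decryption or padding check runs.
func openEtM(record []byte) ([]byte, error) {
	if len(record) < sha256.Size {
		return nil, ErrBadMAC
	}
	ct, tag := record[:len(record)-sha256.Size], record[len(record)-sha256.Size:]
	if !hmac.Equal(tag, mac(iv, ct)) {
		return nil, ErrBadMAC
	}
	if len(ct) == 0 || len(ct)%aes.BlockSize != 0 {
		return nil, ErrBadPadding // only reachable with a buggy, honest sender
	}
	return pkcs7Unpad(cbc(false, ct))
}

// distinctFailures is the attacker's probe: flip byte `pos` of the record to
// all 255 other values and count the distinct error classes the receiver shows.
// More than one class means the receiver is a padding oracle.
func distinctFailures(open func([]byte) ([]byte, error), record []byte, pos int) int {
	seen := map[error]bool{}
	for delta := 1; delta < 256; delta++ {
		forged := append([]byte{}, record...)
		forged[pos] ^= byte(delta)
		if _, err := open(forged); err != nil {
			seen[err] = true
		}
	}
	return len(seen)
}

func main() {
	pt := []byte("GET / HTTP/1.1") // constructed sample record payload
	mte, etm := sealMtE(pt), sealEtM(pt)
	// In CBC the last byte of the next-to-last ciphertext block XORs straight into
	// the last plaintext byte, i.e. the padding length, which is what the oracle probes.
	fmt.Println("MAC-then-encrypt distinct failure classes:", distinctFailures(openMtE, mte, len(mte)-aes.BlockSize-1))
	fmt.Println("encrypt-then-MAC distinct failure classes:", distinctFailures(openEtM, etm, aes.BlockSize-1))
}
```

With MAC-then-encrypt the probe sees two classes (254 padding failures and the one forgery that happens to yield a valid one-byte pad and then fails the MAC), which is the signal Vaudenay-style attacks turn into plaintext recovery one byte at a time. With encrypt-then-MAC every forgery is caught by the tag check over the ciphertext, so the padding code is never reached and there is nothing left to distinguish; this is what the draft's reordering buys, independent of how carefully the decryption path is timed.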