Source: libssl1.0.0
Version: 1.0.1k-1
Severity: wishlist

Dear Maintainer,

As of the publication of RFC 7465 this month, support for RC4 is now
formally prohibited. Section 2 explicitly states:

   o  TLS clients MUST NOT include RC4 cipher suites in the ClientHello
      message.

   o  TLS servers MUST NOT select an RC4 cipher suite when a TLS client
      sends such a cipher suite in the ClientHello message.

   o  If the TLS client only offers RC4 cipher suites, the TLS server
      MUST terminate the handshake.  The TLS server MAY send the
      insufficient_security fatal alert in this case.

It therefore seems reasonable to forcibly disable support for this, as
was done with SSLv3, even if no single common exploit is yet known.

The following patch from Piotr Sikora of CloudFlare has been used by them
in production for more than a year:

<https://github.com/cloudflare/openssl-deprecate-rc4/>

As evidenced by this blog post:

<https://blog.cloudflare.com/killing-rc4/>

While this only applies to TLSv1.1+, presumably it should be a simple matter
to remove the protocol condition, and apply a similar patch to OpenSSL in
Debian.

Many thanks for your consideration.
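The three RFC 7465 section 2 requirements quoted above, worked through as an added example that is not part of this bug report, of the CloudFlare patch, or of OpenSSL's code. It models the relevant part of the handshake directly: the ClientHello cipher_suites vector (a uint16 length followed by 2-byte code points, RFC 5246 section 7.4.1.2), a client that never offers RC4, and a server that never selects it and terminates with insufficient_security (alert 71) when RC4 is all the client offered. The suite table is a small hand-picked subset of the IANA TLS Cipher Suite Registry, the offered lists and byte strings are constructed for the example, and the function names are illustrative assumptions, not any library's API.

```python
"""RFC 7465 RC4 handling on both sides of a TLS handshake (added example)."""
from __future__ import annotations

import struct

# Constructed subset of the IANA TLS Cipher Suite Registry: code point -> name.
CIPHER_SUITES = {
    0x0004: "TLS_RSA_WITH_RC4_128_MD5",
    0x0005: "TLS_RSA_WITH_RC4_128_SHA",
    0xC011: "TLS_ECDHE_RSA_WITH_RC4_128_SHA",
    0x002F: "TLS_RSA_WITH_AES_128_CBC_SHA",
    0xC02F: "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
    0xC030: "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
}

# AlertDescription values from RFC 5246 section 7.2.2.
HANDSHAKE_FAILURE = 40
INSUFFICIENT_SECURITY = 71


def is_rc4(code: int) -> bool:
    """Classify a suite by its registry name. Unknown code points are treated
    as non-RC4 here; a real implementation keys off the cipher's algorithm."""
    return "RC4" in CIPHER_SUITES.get(code, "")


def parse_cipher_suites(vector: bytes) -> list[int]:
    """Decode a ClientHello cipher_suites field: uint16 length, then 2-byte codes."""
    if len(vector) < 2:
        raise ValueError("truncated cipher_suites vector")
    (length,) = struct.unpack("!H", vector[:2])
    body = vector[2:2 + length]
    if length % 2 or len(body) != length:
        raise ValueError("malformed cipher_suites vector")
    return [code for (code,) in struct.iter_unpack("!H", body)]


def build_client_hello_suites(wanted: list[int]) -> bytes:
    """Client rule: MUST NOT include RC4 suites in the ClientHello.
    Returns the encoded cipher_suites field with RC4 entries dropped."""
    kept = [c for c in wanted if not is_rc4(c)]
    if not kept:
        raise ValueError("no non-RC4 suites left to offer")
    return struct.pack("!H", 2 * len(kept)) + b"".join(struct.pack("!H", c) for c in kept)


def server_select(offered: list[int], server_prefs: list[int]) -> tuple[int | None, int | None]:
    """Server rules: MUST NOT select RC4; if the client offered only RC4, MUST
    terminate (MAY send insufficient_security). Returns (selected_code, None)
    on success or (None, alert_description) when the handshake must end.
    RC4 is also filtered from server_prefs, so a stale server cipher string
    that still lists RC4 cannot reintroduce it (the effect of the patch)."""
    acceptable = [c for c in offered if not is_rc4(c)]
    if not acceptable:
        return None, INSUFFICIENT_SECURITY
    for c in server_prefs:  # honour server preference order
        if c in acceptable and not is_rc4(c):
            return c, None
    return None, HANDSHAKE_FAILURE


if __name__ == "__main__":
    # Constructed ClientHello from a legacy client: RC4-SHA first, then AES.
    legacy_hello = b"\x00\x06\x00\x05\xc0\x2f\x00\x2f"
    offered = parse_cipher_suites(legacy_hello)
    print([CIPHER_SUITES[c] for c in offered])
    print(server_select(offered, [0xC030, 0xC02F, 0x0005, 0x002F]))   # picks ECDHE-AES-GCM
    print(server_select([0x0005, 0x0004], [0xC02F, 0x0005]))           # (None, 71)
    print(build_client_hello_suites([0x0005, 0xC011, 0xC030]).hex())   # RC4 stripped
```

The server path is the one the maintainer's patch has to get right: even with RC4 still present in the server's configured preference list, `server_select` never returns it, and a client that offers nothing else gets alert 71 rather than a downgrade. The handshake_failure case is kept separate so that "no overlap at all" is not misreported as an RC4 policy decision.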

-- System Information:
Debian Release: jessie/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: i386 (x86_64)
Foreign Architectures: amd64

Kernel: Linux 3.16-2-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
