Does anything still use RC4? What will happen if the browser doesn't allow it, will access be prohibited, or might some sites downgrade to plain HTTP? It would be a shame to go from poor security to absolutely no security -- or no access -- on some non-upgradable servers (e.g., old hardware with old firmware).
Disclaimer: this doesn't affect me (as far as I know.) On Mon, 12 Sep 2016 12:04:30 -0400 Mike Connor <[email protected]> wrote: > RC4 support is being removed entirely in Firefox 50, so ESR 52 will > not have any override. Chrome is also removing support for admin > enabling of RC4 (this is happening this month, based on > https://www.chromium.org/administrators/policy-list-3#RC4Enabled ) > > At this point, RC4 is not considered secure by anyone, so I'd strongly > recommend adding some newer ciphers to any legacy systems. > > -- Mike > > On Mon, Sep 12, 2016 at 9:30 AM, Sol Birnbaum <[email protected]> > wrote: > > > Hi all, > > > > > > > > Will the RC4 cipher be blocked in the next ESR release, and if yes, > > will there be a setting or host/ip-based whitelist to re-enable? > > > > > > > > Thank you, > > > > > > > > Sol Birnbaum > > > > *Tech-Keys* | CTO > > > > *Office* + 1 732 730 7777 | Tech-Keys.com > > <http://www.tech-keys.com/> > > > > *Our Hours Are: *9:00am - 6:00pm Monday - Friday ET > > > > For support please email [email protected] > > > > [image: ou1yudoC] <http://Tech-keys.com> _______________________________________________ Enterprise mailing list [email protected] https://mail.mozilla.org/listinfo/enterprise To unsubscribe from this list, please visit https://mail.mozilla.org/listinfo/enterprise or send an email to [email protected] with a subject of "unsubscribe"
