Thanks all. For anyone working with SonicWALL firmware versions 5.8 and older, you can disable the default RC4-only mode to allow other ciphers by following this kb: https://support.software.dell.com/kb/sw11951
Sol Birnbaum Tech-Keys | CTO Office + 1 732 730 7777 | Tech-Keys.com<http://www.tech-keys.com/> Our Hours Are: 9:00am - 6:00pm Monday - Friday ET For support please email [email protected]<mailto:[email protected]> [ou1yudoC]<Tech-keys.com> From: Enterprise [mailto:[email protected]] On Behalf Of Cole H Sent: Tuesday, September 13, 2016 9:16 PM To: Paul Kosinski <[email protected]> Cc: Enterprise Working Group Mailing List <[email protected]> Subject: Re: [Mozilla Enterprise] RC4 chiper You'll get a error page with the following error or one of similar effect if there are no common cipher suites to connect with. "ssl_error_no_cypher_overlap" On 12 September 2016 at 20:00, Paul Kosinski <[email protected]<mailto:[email protected]>> wrote: Does anything still use RC4? What will happen if the browser doesn't allow it, will access be prohibited, or might some sites downgrade to plain HTTP? It would be a shame to go from poor security to absolutely no security -- or no access -- on some non-upgradable servers (e.g., old hardware with old firmware). Disclaimer: this doesn't affect me (as far as I know.) On Mon, 12 Sep 2016 12:04:30 -0400 Mike Connor <[email protected]<mailto:[email protected]>> wrote: > RC4 support is being removed entirely in Firefox 50, so ESR 52 will > not have any override. Chrome is also removing support for admin > enabling of RC4 (this is happening this month, based on > https://www.chromium.org/administrators/policy-list-3#RC4Enabled<https://www.chromium.org/administrators/policy-list-3#RC4Enabled> > ) > > At this point, RC4 is not considered secure by anyone, so I'd strongly > recommend adding some newer ciphers to any legacy systems. > > -- Mike > > On Mon, Sep 12, 2016 at 9:30 AM, Sol Birnbaum > <[email protected]<mailto:[email protected]>> > wrote: > > > Hi all, > > > > > > > > Will the RC4 cipher be blocked in the next ESR release, and if yes, > > will there be a setting or host/ip-based whitelist to re-enable? > > > > > > > > Thank you, > > > > > > > > Sol Birnbaum > > > > *Tech-Keys* | CTO > > > > *Office* + 1 732 730 7777<tel:%2B%201%20732%20730%207777> | > > Tech-Keys.com<http://Tech-Keys.com> > > <http://www.tech-keys.com/> > > > > *Our Hours Are: *9:00am - 6:00pm Monday - Friday ET > > > > For support please email [email protected]<mailto:[email protected]> > > > > [image: ou1yudoC] <http://Tech-keys.com<http://Tech-keys.com>> _______________________________________________ Enterprise mailing list [email protected]<mailto:[email protected]> https://mail.mozilla.org/listinfo/enterprise<https://mail.mozilla.org/listinfo/enterprise> To unsubscribe from this list, please visit https://mail.mozilla.org/listinfo/enterprise<https://mail.mozilla.org/listinfo/enterprise> or send an email to [email protected]<mailto:[email protected]> with a subject of "unsubscribe" Disclaimer The information contained in this communication from the sender is confidential. It is intended solely for use by the recipient and others authorized to receive it. If you are not the recipient, you are hereby notified that any disclosure, copying, distribution or taking action in relation of the contents of this information is strictly prohibited and may be unlawful. This email has been scanned for viruses and malware, and may have been automatically archived by Mimecast Ltd, an innovator in Software as a Service (SaaS) for business. Providing a safer and more useful place for your human generated data. Specializing in; Security, archiving and compliance. To find out more visit the Mimecast website.
_______________________________________________ Enterprise mailing list [email protected] https://mail.mozilla.org/listinfo/enterprise To unsubscribe from this list, please visit https://mail.mozilla.org/listinfo/enterprise or send an email to [email protected] with a subject of "unsubscribe"
