On Fri, Nov 16, 2012, Rainer Canavan wrote: > > Since openssl is part of a product that we ship, would you consider moving > RC4-MD5 to the front of the cipher list by default a good idea, or are there > drawbacks that I overlooked, or would this even be preferred, since RC4 has > been propagated as a mitigating method for the so called BEAST attack? >
Whether BEAST is a problem or not depends on your product. I believe (someone correct me if I'm wrong) that for BEAST to work an attacker needs to be able to adaptively inject plaintext which then gets encrypted using the session parameters. If there is no mechanism to do that in your product you aren't vulnerable to BEAST at all so using AES in CBC mode is fine. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org