(this was originally sent to rt@, but it never made it through) Hello, considering that RC4 is pretty much broken by now, I don't think there is a good reason for using it in TLS v1.1+.
Attached patch stops servers from negotiating RC4-based cipher suites
on connections using TLS v1.1+. This is mostly RFC and not something
ready to be committed, because users should (or maybe not?) be able to
tweak this via SSL{,_CTX}_set_options(). However, it seems that all
the option values are already taken and I'm not in the position to
decide if this is more important than any of the existing options.
Best regards,
Piotr Sikora
openssl_1_0_1__disable_rc4.patch
Description: Binary data
openssl_1_0_2__disable_rc4.patch
Description: Binary data
