Hi Kurt, > > To protect our users and comply with adopted Internet standards, openssl > > in Debian should no longer include RC4 ciphers in the DEFAULT list of > > ciphers, neither in Jessie nor supported stable / oldstable releases. > > I fully support that RFC. However I don't think it's a good idea > to remove it from DEFAULT in jessie. Reasons not to are: > - Many servers only support RC4 so clients still need to support > RC4 to be able to talk to them. Hopefully this RFC will change > that.
What servers, and what clients are we talking about here? From reading the Chromium [0] and Firefox [1] bugs about this, I understand that payment processors in the US have a problem disabling RC4 on older setups while maintaining PCI compliance. SSL Pulse [2] counts around 1.5% of web sites surveyed that only support RC4. So major browsers like Iceweasel and Chromium may want to keep RC4 around as an option for those who need it (there's talk about a whitelist in [0]). [0] https://code.google.com/p/chromium/issues/detail?id=375342 [1] https://bugzilla.mozilla.org/show_bug.cgi?id=999544 [2] https://www.trustworthyinternet.org/ssl-pulse/ However everybody else should get rid of RC4 now, not just on the server but also on the client side - and I'm particularly thinking of all the applications that use TLS beyond the web. It is a lot easier to remove RC4 ciphers from the DEFAULT list in openssl and to add it back in the very few web browsers that need it (and I'm not sure there are any at all that use openssl in Debian and rely on the DEFAULT), than to change the hundreds of other applications in Debian that use openssl to require "DEFAULT:!RC4". > - In practice if the other side supports something other than RC4 > it's likely that RC4 isn't used. Looking at SSL Pulse [2] again, 23.3% of sites will negotiate an RC4-based cipher with modern browsers, that's roughly a third of those having some RC4 suites enabled. Not all that unlikely, I'd say, and a reason why Google and Mozilla consider moving forward on the client side. I think disabling RC4 in the default list of suites in openssl and similar libraries like gnutls and libnss is the right thing to do, and I think it should be done now, unless we have a clear idea about what if anything this breaks and will need to be fixed beforehand. Florian -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
