On Sun, Jun 29, 2014 at 11:18 AM, Hubert Kario <hka...@redhat.com> wrote:
> The number of sites that prefer RC4 while still supporting other ciphers > are > very high (18.6% in June[1], effectively 21.3% for Firefox[6]) and not > changing much. The percent of servers that support only RC4 is steadily > dropping (1.771% in April[3], 1.194% in May[2], 0.985% in June[1]). > > Because of that, disabling RC4 should be possible for many users. The big > exception for that was YouTube video servers[4] which only recently gained > support for TLS_RSA_WITH_AES_128_GCM_SHA256. > Sorry that I couldn't say more earlier, but please see this message from Adam Langley of Google about YouTube working on TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256: http://www.ietf.org/mail-archive/web/tls/current/msg14112.html "And TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 support is coming -- it's already enabled in some locations." Cheers, Brian -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
