Re: Fedora crypto policy vs the real world Was: available crypto policies

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On Mon, May 05, 2014 at 10:08:53AM -0500, Bruno Wolff III wrote:
> On Mon, May 05, 2014 at 10:28:22 -0400,
>  "Eric H. Christensen" <sparks@xxxxxxxxxxxxxxxxx> wrote:
> >
> >Revise how?  RC4 should be dropped down to EXPORT status, IMO, but somehow lives on.
> 
> Didn't it regain some popularity as a mitigation for the Beast vulnerability?

Yes, and now that Beast is mitigated elsewhere...  The problem is that RC4 doesn't provide that much security, now.  It's 2014, if you are still using it you don't actually care about your users.

- -- Eric

- --------------------------------------------------
Eric "Sparks" Christensen
Red Hat, Inc - Product Security Team

sparks@xxxxxxxxxx - sparks@xxxxxxxxxxxxxxxxx
097C 82C3 52DF C64A 50C2  E3A3 8076 ABDE 024B B3D1
- --------------------------------------------------
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQGcBAEBCgAGBQJTZ62pAAoJEB/kgVGp2CYv8nwL/A5M/KtbLgR/NvCke0E4Xa/P
RvNsQf0uhBk1EPvXP3/wqUkLVgiWqmGxYmyL/rwP248SwT8A/jNvJxPkglScjru3
t4F+nr5pruNgi1v6r+oKMuCGc/qToOcRWNPoaCBSJ7f5QdDdgK1elYW1HmprJT8X
dDDA8TofIQv+LIQ3ovL1EDPKLpMupF5ghyNIRvdsWcTHcDP1PfwUVEdxW2Q3Hoq0
NMehp1Bru+WQMaS7E13mJtdSmPxU+dbL7WXEJ1sCIfWyVwnotxZspQiEihdlewYQ
CFm/9t7GPfM7HRI9CQNgrrTyFR/d7heV1ZiPCBURMuQgSOCtCxvQUw3WL9gy9M2V
Zj755Qec9Hg3fDijNWs6SVkfPF5BdIOIuFiLtyqDkEpvkZ9GGc8V+OxtTw5T7Q1Y
08U7xx/5e9A+7Tvi1GVa+MngbLgr+VArkagHOwCwAukau4b7l/fuaeIZCI+kYBau
T6CVGAhOBDxZ1AbBQz9/1YQk7uOyWaqVgEq5IUyT3g==
=HGLa
-----END PGP SIGNATURE-----
--
security mailing list
security@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/security
[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Coolkey]

  Powered by Linux