[166645] in North American Network Operators' Group
Re: latest Snowden docs show NSA intercepts all Google and Yahoo
daemon@ATHENA.MIT.EDU (Randy Bush)
Sat Nov 2 00:59:22 2013
Date: Fri, 01 Nov 2013 21:58:42 -0700
From: Randy Bush <randy@psg.com>
To: Harry Hoffman <hhoffman@ip-solutions.net>
In-Reply-To: <ipw7acuqm87i0hwdiek14wll.1383358016384@email.android.com>
Cc: North American Network Operators' Group <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
> Head on over to the Wikipedia page for SSL/TLS and then decide if you
> want rc4 to be your preference when trying to defend against a
> adversary with the resources of a nation-state.
i got hit with the clue bat on this one.
we have kinda settled on allowing rc4 for smtp as the least preferred.
if we did not it would fall back to cleartext.
otoh, for web, all browsers can do better, so we don't allow rc4
ykmv
randy
