RC4 security in TLS #8

hannesm opened this Issue Mar 3, 2014 · 4 comments


2 participants

hannesm commented Mar 3, 2014

problem: some bytes can be recovered

solution: throw RC4 away and switch to CBC





hannesm commented Oct 1, 2014

there's now even a proposed standard rfc, shepherded...




hannesm commented Oct 23, 2014

talking to @andreas23 I think we should remove RC4 from the default_config ciphers (but still list as supported, since our implementation does support RC4).

hannesm added a commit that referenced this issue Jan 12, 2015

do not advertise RC4
disable RC4 by default (users who need RC4 can tweak the configuration)

fixes #8

@pqwy pqwy closed this in #223 Jan 15, 2015




g2p commented Mar 16, 2015

Is RC4 really disabled, or just not advertised as per the commit message?
The RFC says RC4 must never be negotiated (Firefox roadmap):
Otherwise an active attacker would drop a connection and force the use of RC4.




hannesm commented Mar 16, 2015

in the default config in master, RC4 is disabled -- it can not be negotiated. You can still configure OCaml-TLS to use RC4. The 0.3.0 release still advertises RC4 by default (but there'll be a 0.4.0 really soon now)!
As example, will never negotiate RC4 (while will).
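
The difference discussed in the last two comments (RC4 only left out of what is advertised, versus RC4 impossible to negotiate), as an added example that is not part of the thread and not OCaml-TLS code. It is a small Python model of cipher-suite selection; the lists `SUPPORTED` and `DEFAULT` and all function names are assumptions made for illustration.

```python
# Constructed model of TLS cipher-suite selection. Names are illustrative
# and are not OCaml-TLS identifiers.
RC4 = "TLS_RSA_WITH_RC4_128_SHA"
SUPPORTED = [                       # everything the stack is able to speak
    "TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
    "TLS_RSA_WITH_AES_128_CBC_SHA",
    RC4,
]
DEFAULT = [s for s in SUPPORTED if s != RC4]   # default config: RC4 removed


class HandshakeFailure(Exception):
    """No acceptable cipher suite; the handshake is aborted."""


def server_select(client_offer, configured):
    """Server role: first suite in our configured order that the peer offered."""
    for suite in configured:
        if suite in client_offer:
            return suite
    raise HandshakeFailure("no shared cipher suite")


def client_accept(server_choice, enforced):
    """Client role: the suite named in ServerHello must be in `enforced`.

    RC4 is truly disabled only when `enforced` is the same list that was
    advertised. Checking against a wider list (for example SUPPORTED) is the
    "not advertised, but still accepted" behaviour the question is about.
    """
    if server_choice not in enforced:
        raise HandshakeFailure("peer chose a suite that is not configured")
    return server_choice


def outcome(step, *args):
    """Run one negotiation step and report the suite or the failure."""
    try:
        return step(*args)
    except HandshakeFailure:
        return "handshake_failure"


if __name__ == "__main__":
    rc4_only_peer = [RC4]           # constructed ClientHello offer
    print("server, default config  :", outcome(server_select, rc4_only_peer, DEFAULT))
    print("server, RC4 re-enabled  :", outcome(server_select, rc4_only_peer, SUPPORTED))
    print("client, enforce default :", outcome(client_accept, RC4, DEFAULT))
    print("client, enforce all     :", outcome(client_accept, RC4, SUPPORTED))
```

A test suite for a TLS stack can assert the same two properties: an RC4-only offer ends in a handshake failure under the default configuration, and a ServerHello naming RC4 is rejected by a client that did not configure it.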
