pgut001 at cs.auckland.ac.nz
Fri Jul 5 01:39:59 EDT 2013
Nadim Kobeissi <nadim at nadim.cc> writes:
>AES-GCM is already prioritized over RC4, but unfortunately most browsers
>don't support AES-GCM yet, which is why RC4 remains as the secondary choice.
>In the case that AES-GCM is not supported, we use RC4 instead of AES-CBC in
>order to mitigate for BEAST. If you have alternate suggestions to this,
>please let me know.
pretty much cancels out about ten years' worth of attacks on SSL/TLS'
integrity-checking. The only downside is that browser support at the moment
isn't there yet, although a number of TLS toolkits already handle it.