On Po, 2014-05-05 at 13:26 -0400, Eric H. Christensen wrote:
On Mon, May 05, 2014 at 01:20:17PM -0400, Hubert Kario wrote:
> ----- Original Message -----
> > From: "Eric H. Christensen" <sparks(a)fedoraproject.org>
> > To: "Nikos Mavrogiannopoulos" <nmav(a)redhat.com>
> > Cc: security(a)lists.fedoraproject.org
> > Sent: Monday, May 5, 2014 6:38:40 PM
> > Subject: Re: Fedora crypto policy vs the real world Was: available
> > upcoming
> > versions of Microsoft Windows 7 will also stop supporting RC4
> That sounds nearly too good to be true. Source?
Huh, but it actually does not disable RC4 support by default. The update
just enables possibility to disable it through registry setting or API
"What does the 2868725 update do?
The update supports the removal of RC4 as an available cipher on
affected systems through registry settings. It also allows developers to
remove RC4 in individual applications through the use of the
SCH_USE_STRONG_CRYPTO flag in the SCHANNEL_CRED structure. These options
are not enabled by default. Microsoft recommends that customers test any
new settings for disabling RC4 prior to implementing them in their
So no, Windows won't disable RC4 support by default.
No matter how far down the wrong road you've gone, turn back.
(You'll never know whether the road is wrong though.)