Re: Fedora crypto policy vs the real world Was: available crypto policies

On Mon, May 05, 2014 at 11:50:48AM +0200, Nikos Mavrogiannopoulos wrote: > On Fri, 2014-04-25 at 10:34 -0400, Hubert Kario wrote: >> SSL/TLS survey of 305280 websites from Alexa's top 0.97 million >> Stats only from connections that did provide valid certificates >> (or anonymous DH from servers that do also have valid certificate installed) >> RC4 Only 5418 1.7748 > That's pretty interesting. The question is now how important is that RC4 > only segment. Is that percentage significant enough to revise having RC4 > in the "default" crypto profile set? Revise how? RC4 should be dropped down to EXPORT status, IMO, but somehow lives on.