Bug#464625: please support OpenSSL-compatible cipher names

Nikos Mavrogiannopoulos nmav at gnutls.org
Fri Feb 4 10:48:31 UTC 2011


On Fri, Feb 4, 2011 at 9:09 AM, Simon Josefsson <simon at josefsson.org> wrote:

>> gnutls-cli(1).  Looking at the source, RC4 is defined in SECURE256, and
>> due to major weaknesses in its key scheduling (which can be used very
>> effectively against e.g. WEP), I would absolutely not want to use it if
>> any other choice were available.  Had I not looked at the source, I
>> would never have known this.  I would certainly not class it as
>> "secure".
> I also feel uncomfortable including RC4 in the SECURE variants, we all
> know that RC4 is not a secure cipher.  Nikos, what do you think about
> removing it?

The attacks known for RC4 do not apply to the TLS protocol. However, it
is a cipher in which weaknesses have been found, and I could understand removing
it from the "secure" set.

regards,
Nikos





More information about the Pkg-gnutls-maint mailing list