Killing RC4 (softly)
In 2011, the BEAST attack on the CBC encryption mode of TLS v1.0 was discovered, and experts recommended RC4-based cipher suites as a mitigation. Attacks on RC4 were demonstrated in 2013, which made that choice problematic. Modern browsers have since started supporting TLS v1.2, but open-source web servers and OpenSSL do not allow fine-grained control over cipher suite usage based on protocol version. To address this, a patch has been released for OpenSSL that disables RC4-based cipher suites for connections using TLS v1.1 and above while leaving them enabled for TLS v1.0 connections. The result is protection against the BEAST attack for TLS v1.0 connections and against the attacks on RC4 for connections using TLS v1.1 and above.
Company
Cloudflare
Date published
Jan. 29, 2014
Author(s)
Piotr Sikora
Word count
401
Hacker News points
None found.
Language
English