/plushcap/analysis/cloudflare/killing-rc4-the-long-goodbye

Killing RC4: The Long Goodbye

What's this blog post about?

Cloudflare has decided to remove support for RC4 as a preferred cipher, instead favoring AES-based cipher suites for all HTTPS connections due to the threat landscape changes and best practices in cryptographic primitives. The decision was made after considering that most major browsers now support TLS 1.2 standard where AES-CBC is not vulnerable to BEAST attacks, and evidence of mounting weaknesses in RC4 cipher. By choosing AES-CBC, Cloudflare aims to provide long-term forward secrecy for its customers' data.

Company
Cloudflare

Date published
May 7, 2014

Author(s)
Nick Sullivan

Word count
1359

Language
English

Hacker News points
None found.


By Matt Makai. 2021-2024.