latest Snowden docs show NSA intercepts all Google and Yahoo DC-to-DC traffic
randy at psg.com
Sat Nov 2 04:58:42 UTC 2013
> Head on over to the Wikipedia page for SSL/TLS and then decide if you
> want rc4 to be your preference when trying to defend against a
> adversary with the resources of a nation-state.
i got hit with the clue bat on this one.
we have kinda settled on allowing rc4 for smtp as the least preferred.
if we did not it would fall back to cleartext.
otoh, for web, all browsers can do better, so we don't allow rc4
More information about the NANOG