What can happen if I remove TLS_RSA_WITH_RC4_128_SHA from my server's cipher suite?

I run a website that supports many clients via web services. I'm setting up some new certificates and load balancers, and when doing the SSL Labs server test, it flags all my ciphers as OK except TLS_RSA_WITH_RC4_128_SHA. What would be the impact of removing this cipher? In other words, what clients might have issues connecting without it?

Answered by Alison Kelly

AIUI, if you want to support IE 6 then you basically have to support at least one of TLS_RSA_WITH_RC4_128_SHA or TLS_RSA_WITH_3DES_EDE_CBC_SHA. Both have their problems: RC4 has severe keystream bias issues, and CBC has been hit by padding- and IV-related attacks (BEAST, POODLE, etc.). The general consensus at the moment seems to be that if you need to support IE 6 then TLS_RSA_WITH_3DES_EDE_CBC_SHA is a lesser evil than TLS_RSA_WITH_RC4_128_SHA.
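To make the "which clients break" question concrete, the following is an added example (not part of the original question or answer) that models server-preference cipher negotiation: the server walks its own ordered list and picks the first suite the client also offered, or the handshake fails. The server list and the client profiles are constructed assumptions for illustration (the IE 6 profile approximates the RSA-only RC4/3DES/DES suites that browser offers; the "RC4-only legacy agent" is hypothetical); swap in your real server order and any client suite lists you have captured.

```python
"""Simulate TLS cipher-suite negotiation to see which clients lose
connectivity when a suite is removed from the server list.

Added example; all suite lists below are constructed assumptions.
"""

# Assumed server preference order (an older BEAST-era config that ranked
# RC4 above CBC suites). Order matters: the server picks the first match.
SERVER_BEFORE = [
    "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
    "TLS_RSA_WITH_AES_128_CBC_SHA",
    "TLS_RSA_WITH_RC4_128_SHA",
    "TLS_RSA_WITH_3DES_EDE_CBC_SHA",
]

# Constructed client profiles (assumptions, not captured ClientHellos).
CLIENTS = {
    "IE 6 / Windows XP (assumed)": [
        "TLS_RSA_WITH_RC4_128_MD5",
        "TLS_RSA_WITH_RC4_128_SHA",
        "TLS_RSA_WITH_3DES_EDE_CBC_SHA",
        "TLS_RSA_WITH_DES_CBC_SHA",
    ],
    "modern browser (assumed)": [
        "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
        "TLS_RSA_WITH_AES_128_CBC_SHA",
    ],
    "RC4-only legacy agent (hypothetical)": [
        "TLS_RSA_WITH_RC4_128_SHA",
    ],
}


def negotiate(server_prefs, client_offer):
    """Server-preference negotiation: return the first suite in the server's
    order that the client also offered, or None (handshake_failure)."""
    offered = set(client_offer)
    for suite in server_prefs:
        if suite in offered:
            return suite
    return None


def without(server_prefs, *dropped):
    """Server list with the given suites removed, preserving order."""
    return [s for s in server_prefs if s not in dropped]


def impact(server_prefs, dropped, clients=CLIENTS):
    """Map each client whose negotiated suite changes to
    (suite_before, suite_after); suite_after is None if it can no longer connect."""
    after = without(server_prefs, *dropped)
    changes = {}
    for name, offer in clients.items():
        before_suite = negotiate(server_prefs, offer)
        after_suite = negotiate(after, offer)
        if before_suite != after_suite:
            changes[name] = (before_suite, after_suite)
    return changes


if __name__ == "__main__":
    scenarios = [
        ["TLS_RSA_WITH_RC4_128_SHA"],
        ["TLS_RSA_WITH_RC4_128_SHA", "TLS_RSA_WITH_3DES_EDE_CBC_SHA"],
    ]
    for dropped in scenarios:
        print("dropping:", ", ".join(dropped))
        for client, (before, after) in impact(SERVER_BEFORE, dropped).items():
            print(f"  {client}: {before} -> {after or 'HANDSHAKE FAILURE'}")
```

With the assumed lists, dropping only RC4 moves the IE 6 profile onto 3DES and leaves the modern browser untouched; only the hypothetical RC4-only client fails outright. Dropping RC4 and 3DES together is what cuts off IE 6. Against a live server you can confirm the same thing with `openssl s_client -connect host:443 -cipher RC4-SHA` (and `DES-CBC3-SHA`), bearing in mind that a current OpenSSL build may have RC4 and TLS 1.0 disabled on the client side, so a failed handshake there does not by itself prove the server refused the suite.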


