[aklug] PSA: RC4 being disabled in IE and Edge on April 12

From: Royce Williams <royce@tycho.org>
Date: Thu Mar 17 2016 - 07:53:57 AKDT

tl;dr: If IE can't get to your site on April 12, this is why; act now. :)

Summary post:

Technical post:

Depending on your cipher order, this may make your largest
customer/visitor base unable to reach your sites. You are more likely
to be impacted if your site shows as "RC4 on" here, and no TLS 1.2


... but you'll need to check your own config and your Qualys results
(linked from each record in my results).

The first MS post above has guidance for evaluation methods and fixes.

From my cached results, ~1600 Alaskan sites are potentially affected.
List attached (I hope). These are all the sites that appear to A) not
support TLS 1.2, and B) still use RC4-based ciphers. The actual list
of affected sites is probably lower, but these are the sites that
should be checked more closely.


To unsubscribe, send email to <aklug-request@aklug.org>
with 'unsubscribe' in the message body.

Received on Thu, 17 Mar 2016 07:53:57 -0800

This archive was generated by hypermail 2.1.8 : Thu Mar 17 2016 - 06:12:12 AKDT