Keep an eye out for IE11/Edge clients that mysteriously can't connect today
(or if you have internal-facing servers only, whenever you roll out
patches).
https://blogs.windows.com/msedgedev/2016/08/09/rc4-now-deprecated
Royce
On Thu, Mar 17, 2016 at 7:53 AM, Royce Williams <royce@tycho.org> wrote:
> tl;dr: If IE can't get to your site on April 12, this is why; act now. :)
>
>
> Summary post:
> https://blogs.windows.com/msedgedev/2016/03/16/rc4-will-
> no-longer-be-supported-in-microsoft-edge-and-ie11-beginning-in-april/
>
> Technical post:
> https://blogs.technet.microsoft.com/srd/2013/11/12/
> security-advisory-2868725-recommendation-to-disable-rc4/
>
> Depending on your cipher order, this may make your largest
> customer/visitor base unable to reach your sites. You are more likely
> to be impacted if your site shows as "RC4 on" here, and no TLS 1.2
> support:
>
> http://www.techsolvency.com/tls/
>
> ... but you'll need to check your own config and your Qualys results
> (linked from each record in my results).
>
> The first MS post above has guidance for evaluation methods and fixes.
>
> From my cached results, ~1600 Alaskan sites are potentially affected.
> List attached (I hope). These are all the sites that appear to A) not
> support TLS 1.2, and B) still use RC4-based ciphers. The actual list
> of affected sites is probably lower, but these are the sites that
> should be checked more closely.
>
> Royce
>
---------
To unsubscribe, send email to <aklug-request@aklug.org>
with 'unsubscribe' in the message body.
Received on Tue, 9 Aug 2016 09:30:02 -0800
This archive was generated by hypermail 2.1.8 : Tue Aug 09 2016 - 09:30:57 AKDT