[KDE Dot News]
 faq
 flatforty
 contribute
 subscribe
 configure
 search
 rdf
 main
 parent


Weak Ciphers
by Fizz on Tuesday 22/Nov/2005, @01:36
Please, please, please, please, please dont't remove support for weaker ciphers, just have them disabled by default. I often make use of weaker ciphers in my work and if you remove support for them you will force me to use another browser. If you disable them I will then be able to re-enable the support when I need it.

Fizz
  Related Links
 ·   Articles on Konqueror
 ·   Also by Fizz
 ·   Contact author

Thread Threshold:

The Fine Print: The following comments are owned by whomever posted them.
( Reply )

Re: Weak Ciphers
by superstoned on Tuesday 22/Nov/2005, @01:57
i'm sorry, fizz, but as you might have read, most (if not all) browsers will remove support for weaker ciphers soon, so you'll have to just use an older version, or upgrade your sites.
[ Reply To This | View ]
Re: Weak Ciphers
by bangert on Tuesday 22/Nov/2005, @05:13
but why do you do it?

the reason they are being disabled is because it is a bad idea...
[ Reply To This | View ]
  • Re: Weak Ciphers
    by Fizz on Wednesday 23/Nov/2005, @00:31
    I can see that most of the replies to my posting are along a similar line to this. I do however have a very specialised requirement for this feature, and they are not my systems that I will be accessing. I am a security specialist and have been recommending for some time now that all my clients remove support for weaker ciphers from their servers. Occasionally it isn't possible to use stronger ciphers.

    Why not do what MS have said that they will do with IE and simply disable support for the weaker ciphers, but not remove it. Then when there is a requirement for weaker ciphers (for whatever the reason) IE can still be used. If KDE remove support for weaker ciphers it will be a reason not to use KDE. Please just disable support by default.

    Fizz
    [ Reply To This | View ]
    • Re: Weak Ciphers
      by ssokolow on Monday 28/Nov/2005, @12:11
      I have to speak up in favor of keeping weaker ciphers available but disabled. Otherwise, I'd have to keep an older version (probably a statically linked firefox) kicking around because my ISP is the only broadband provider available, "only supports Microsoft products" (blames your client if it complains), and would probably just provide instructions to re-enable weak ciphers when IE 7 rolled around.
      [ Reply To This | View ]
      • Re: Weak Ciphers
        by Terry Tran on Monday 10/Dec/2007, @09:03
        Can you please tell me how to disable the weaker ciphers on IE 6.0?
        [ Reply To This | View ]
Too bad
by Alex on Tuesday 22/Nov/2005, @11:57
The security concern and the cause is more important than those who continue to use terrible security practices. Supporting everything and everyone is only good if everything and everyone is safe and that isn't the case. This is a smart decision.
[ Reply To This | View ]
Re: Weak Ciphers
by Thiago Macieira on Tuesday 22/Nov/2005, @14:52
You can turn off encryption altogether if it comes to that.

Between being completely open and providing a false sense of security, I'd go with being completely open. At least (some) users will have a clue not to provide sensitive information on those work websites (even if on an Intranet).
[ Reply To This | View ]
The Fine Print: The previous comments are owned by whomever posted them.
( Reply )
  "He may be a Hotmail user, but the patch works, so who am I to argue?" -- Charles Samuels
KDE®, "K Desktop Environment", "KDE Dot News", "got the dot?" and the KDE Logo® are trademarks or registered trademarks of KDE e.V. in the European Union, the United States and other countries. All other trademarks and copyrights on this page are owned by their respective owners. Comments are owned by the poster. The rest: Copyright © 2000-2008 KDE e.V. for The KDE Project. For further information or comments on this site, please contact the Webmaster.
[ home | post article | flat forty | subscribe | search | rdf ]