As far as I am aware, the PCI standard does not explicitly specify what "secure" means in the context of SSL, leaving it to assessors (who have a much better understanding of the environment) to make the right decision. In your case, the decision was obviously to go with 100% security and recommend disabling all CBC suites. The SSL Labs test is more forgiving, allowing for a fall-back to CBC suites for those clients that do not support RC4.
I think that, in practice, the difference between RC4 prioritization and supporting only RC4 is very small. Prompted by your question, I looked in our logs and determined that only 0.013% of SSL Labs clients did not support RC4. I would still recommend that you support CBC suites for TLS 1.1 and better.
Thanks Ivan for your reply.
I believe that the security company was using a product called McAfee Secure and it was this which demands that only RC4 ciphers are enabled for TLS 1.0.
I guess a lot more people might find themselves failing their PCI compliance tests now?
My view is this seems a little unforgiving and that allowing CBC ciphers as a fall-back is reasonable given the very limited applicability of BEAST in the real world.
I found this article from Akamai quite interesting as it points out that RC4 is not a FIPS compliant protocol as FIPS considers RC4 to be insecure.
So users with FIPS compliant desktops might find themselves unable to access websites that only allow RC4.
I think this is something that anyone considering limiting their cipher suite to RC4 only should take into account.
I wonder if you can see many BlackBerry devices in your SSL logs? I can see they claim FIPS compliance so I wonder if they can't use RC4?
There is a small number of BlackBerry clients in the logs (it seems that some are using the native browser, and some Opera), and I see them supporting RC4. Perhaps FIPS compliance is a configuration setting?
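To make the policies compared in this thread concrete (RC4 only, versus RC4 preferred with a CBC fall-back, with CBC limited to TLS 1.1 and later as Ivan recommends), here is a small simulation of server cipher selection run over a few constructed client profiles, including a FIPS-mode client that does not offer RC4. This is an added example, not code from the thread or from SSL Labs; the suite names, client profiles and the selection rule are assumptions for illustration.

```python
"""Simulate which clients can connect under the RC4 policies discussed above.

Added example, not code from the thread or from SSL Labs. Client profiles,
suite names and the selection rule are constructed for illustration.
"""
from dataclasses import dataclass

TLS10, TLS11, TLS12 = (1, 0), (1, 1), (1, 2)
RC4_SUITE = "RC4-SHA"      # stream cipher, not affected by BEAST
CBC_SUITE = "AES128-SHA"   # CBC suite; BEAST applies only to TLS 1.0


@dataclass(frozen=True)
class Client:
    name: str
    version: tuple   # highest protocol version the client negotiates
    suites: tuple    # cipher suites the client offers


# A server policy is an ordered list of (suite, minimum protocol version);
# the server picks the first entry the client both offers and can run.
RC4_ONLY = [(RC4_SUITE, TLS10)]
RC4_FIRST_CBC_ANY = [(RC4_SUITE, TLS10), (CBC_SUITE, TLS10)]    # SSL Labs-style fall-back
RC4_FIRST_CBC_TLS11 = [(RC4_SUITE, TLS10), (CBC_SUITE, TLS11)]  # CBC only for TLS 1.1+


def select_suite(policy, client):
    """Server-preference cipher selection; None means the handshake fails."""
    for suite, min_version in policy:
        if client.version >= min_version and suite in client.suites:
            return suite
    return None


def negotiate(policy, clients):
    return {c.name: select_suite(policy, c) for c in clients}


def failure_rate(policy, clients):
    """Fraction of clients that cannot connect at all under the policy."""
    results = negotiate(policy, clients)
    return sum(1 for s in results.values() if s is None) / len(clients)


# Constructed client population (not real SSL Labs log data).
CLIENTS = (
    Client("legacy-browser", TLS10, (CBC_SUITE, RC4_SUITE)),
    Client("modern-browser", TLS12, (CBC_SUITE, RC4_SUITE)),
    Client("fips-desktop", TLS12, (CBC_SUITE,)),   # FIPS mode: RC4 not offered
    Client("fips-legacy", TLS10, (CBC_SUITE,)),    # FIPS mode, TLS 1.0 only
)

if __name__ == "__main__":
    for label, policy in [("RC4 only", RC4_ONLY), ("RC4 first, CBC any", RC4_FIRST_CBC_ANY),
                          ("RC4 first, CBC TLS1.1+", RC4_FIRST_CBC_TLS11)]:
        print(f"{label}: {negotiate(policy, CLIENTS)} fail={failure_rate(policy, CLIENTS):.0%}")
```

Note that under both RC4-first policies the TLS 1.2 browser still ends up on RC4, which is what "RC4 prioritization" means in practice; only the clients that never offer RC4 see a difference between the policies.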