Commit 68c0bd72 authored by Simon Butcher's avatar Simon Butcher

Clarified current status of RC4 usage

Made clear RC4 has been deprecated by IETF standard, and disabled
by default in the library.
parent 7ef5cf3c
......@@ -2012,11 +2012,13 @@ void mbedtls_ssl_conf_extended_master_secret( mbedtls_ssl_config *conf, char ems
* \brief Disable or enable support for RC4
* (Default: MBEDTLS_SSL_ARC4_DISABLED)
*
* \warning Use of RC4 in (D)TLS has been prohibited by RFC ????
* for security reasons. Use at your own risks.
* \warning Use of RC4 in DTLS/TLS has been prohibited by RFC-7465
* for security reasons. Use at your own risk.
*
* \note This function will likely be removed in future versions as
* RC4 will then be disabled by default at compile time.
* \note This function is deprecated and will likely be removed in
* a future version of the library.
* RC4 is disabled by default at compile time and needs to be
* actively enabled for use with legacy systems.
*
* \param conf SSL configuration
* \param arc4 MBEDTLS_SSL_ARC4_ENABLED or MBEDTLS_SSL_ARC4_DISABLED
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment