[Cryptography] RC4 again (actual security, scalability and other discussion)

[Salz, Rich]

> Imagine going to PKIX and saying "oh, RC4 is fine, but can you make 
> SSL opportunistic and phase out HTTP in favour of HTTPS, please? 
> Pretty please?"

I was at the IETF last week.

For HTTP/2, all of Firefox, Chrome, and IE are all doing (immediately or soon after) various degrees of http: URI's over TLS.

So, yes.

--  
Principal Security Engineer
Akamai Technology
Cambridge, MA