Clarified current status of RC4 usage
Made clear RC4 has been deprecated by IETF standard, and disabled
by default in the library.
diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index 3072751..3e05f3f 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -2012,11 +2012,13 @@
* \brief Disable or enable support for RC4
* (Default: MBEDTLS_SSL_ARC4_DISABLED)
*
- * \warning Use of RC4 in (D)TLS has been prohibited by RFC ????
- * for security reasons. Use at your own risks.
+ * \warning Use of RC4 in DTLS/TLS has been prohibited by RFC-7465
+ * for security reasons. Use at your own risk.
*
- * \note This function will likely be removed in future versions as
- * RC4 will then be disabled by default at compile time.
+ * \note This function is deprecated and will likely be removed in
+ * a future version of the library.
+ * RC4 is disabled by default at compile time and needs to be
+ * actively enabled for use with legacy systems.
*
* \param conf SSL configuration
* \param arc4 MBEDTLS_SSL_ARC4_ENABLED or MBEDTLS_SSL_ARC4_DISABLED
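Review bot: In the new \note, "deprecated" is stated only in prose; if the function is meant to be flagged to users, a Doxygen \deprecated tag in place of (or alongside) \note would list it on the generated deprecated page. The same note says RC4 is "disabled by default at compile time", while the \brief gives the default as MBEDTLS_SSL_ARC4_DISABLED, which is a run-time value of the arc4 parameter. The text should say which of the two a user has to change (the build option, this call, or both) before RC4 can be negotiated with a legacy peer, so that nobody assumes this call alone is the only gate. Minor: the citation in the \warning is conventionally written "RFC 7465", without the hyphen.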