BEAST & Lucky Thirteen attacks said, “Prioritize RC4 cipher suite.” AlFBPPS attack said, “RC4 is old and crummy. CBC-mode would be better."
At the IETF 86 meeting in Orlando last week, there was a working group meeting discussing the operations of the Web PKI. At the previous IETF 85 meeting a birds-of-a-feather was held to discuss the purpose of having such a group.
The CA/Browser Forum decided to mitigate the risk by deprecating the issuance of certificates with non-FQDNs.
Nadhem AlFardan and Kenny Paterson of the Information Security Group at Royal Holloway, University of London, announced a new TLS/DTLS attack called Lucky Thirteen.