On Mon, Jul 29, 2013 at 11:51 AM, C. Scott Ananian
That ssllabs link also shows that wikimedia has RC4
on SSL connections, which offers no real security. This is apparently
related to the TLS 1.0 -vs- TLS 1.1/1.2 issue:
Well, you can either be vulnerable to BEAST or to the less practical attack
against RC4. TLS 1.1/1.2 clients should choose the strongest cipher, while
SSL3/TLS1 clients are sent a preferred server list, specifying RC4 first.