I'm still waiting for someone to thoroughly analyze this question What's worse: the possibility that NSA has cracked RC4 or being vulnerable to BEAST/CRIME? Set your crypto to a minimum of TLS 1.1 and let everyone who can't connect complain. At least their data wasn't compromised. This entire situation is maddening.