[onyxraven]

Amazon already updated their ELB policies to disable RC4

https://forums.aws.amazon.com/ann.jspa?annID=2877

[cesarb]

It's a pity that this ELB policy (ELBSecurityPolicy-2015-02) also disables 3DES. For older browsers (for instance IE8, see https://www.ssllabs.com/ssltest/viewClient.html?name=IE&vers...) the only options with a good enough key length are RC4 and 3DES.

Newer browsers also have AES, so they don't need 3DES, but it's still useful as a fallback for older clients, and it's still considered secure (but slow).

[sureshv]

Guess it's good I'm using ELB with TCP pass through (because ELB can't handle different SSL terminations by port).