release. For example, in OkHttp 2.2 we dropped support for SSL 3.0 in response to the [POODLE](https://googleonlinesecurity.blogspot.ca/2014/10/this-poodle-bites-exploiting-ssl-30.html) attack. And in OkHttp 2.3 we dropped support for [RC4](https://en.wikipedia.org/wiki/RC4#Security). As with your desktop web browser, staying up-to-date with OkHttp is the best way to stay secure.

You can build your own connection spec with a custom set of TLS versions and cipher suites. For example, this configuration...

        // kerberos mech token with ticket for fake service, RC4 service key in keyTab above

 *  **HTTP/2 support.** We've done interop testing and haven't seen any
    problems. HTTP/2 support has been a big effort and we're particularly
    thankful to Adrian Cole who has helped us to reach this milestone.

 *  **RC4 cipher suites are no longer supported by default.** To connect to
    old, obsolete servers relying on these cipher suites, you must create a
    custom `ConnectionSpec`.

    - [Removed](#removed-16)
  - [Dependencies](#dependencies-17)
    - [Added](#added-17)
    - [Changed](#changed-17)
    - [Removed](#removed-17)
- [v1.19.0-rc.4](#v1190-rc4)
  - [Downloads for v1.19.0-rc.4](#downloads-for-v1190-rc4)
    - [Source Code](#source-code-17)
    - [Client binaries](#client-binaries-17)
    - [Server binaries](#server-binaries-17)
    - [Node binaries](#node-binaries-17)

pkg archive/zip, type FileHeader struct, UncompressedSize //deprecated
pkg compress/flate, type ReadError //deprecated
pkg compress/flate, type WriteError //deprecated
pkg crypto/rc4, method (*Cipher) Reset //deprecated
pkg crypto/tls, const VersionSSL30 //deprecated
pkg crypto/tls, method (*Config) BuildNameToCertificate //deprecated
pkg crypto/tls, type Config struct, NameToCertificate //deprecated