1202: TLS min raised to 1.2 #167
This commit is contained in:
parent
063b731054
commit
c864c8ebb0
7
user.js
7
user.js
@ -615,9 +615,12 @@ user_pref("ghacks_user.js.parrot", "1200 syntax error: the parrot's a stiff!");
|
|||||||
// user_pref("security.ssl.require_safe_negotiation", true);
|
// user_pref("security.ssl.require_safe_negotiation", true);
|
||||||
/* 1202: control TLS versions with min and max
|
/* 1202: control TLS versions with min and max
|
||||||
* 1=min version of TLS 1.0, 2=min version of TLS 1.1, 3=min version of TLS 1.2 etc
|
* 1=min version of TLS 1.0, 2=min version of TLS 1.1, 3=min version of TLS 1.2 etc
|
||||||
* [WARNING] Firefox and Chrome currently allow TLS 1.0 by default, so this is your call.
|
* [NOTE] Jul-2017: Telemetry indicates approx 2% of TLS web traffic uses 1.0 or 1.1
|
||||||
|
* [WARNING] If you get an "SSL_ERROR_NO_CYPHER_OVERLAP" error temporarily
|
||||||
|
* set a lower value for 'security.tls.version.min' in about:config
|
||||||
* [1] http://kb.mozillazine.org/Security.tls.version.*
|
* [1] http://kb.mozillazine.org/Security.tls.version.*
|
||||||
* [2] https://www.ssl.com/how-to/turn-off-ssl-3-0-and-tls-1-0-in-your-browser/ ***/
|
* [2] https://www.ssl.com/how-to/turn-off-ssl-3-0-and-tls-1-0-in-your-browser/
|
||||||
|
* [2] archived: https://archive.is/hY2Mm ***/
|
||||||
// user_pref("security.tls.version.min", 2);
|
// user_pref("security.tls.version.min", 2);
|
||||||
user_pref("security.tls.version.fallback-limit", 3);
|
user_pref("security.tls.version.fallback-limit", 3);
|
||||||
user_pref("security.tls.version.max", 4); // 4 = allow up to and including TLS 1.3
|
user_pref("security.tls.version.max", 4); // 4 = allow up to and including TLS 1.3
|
||||||
|
Loading…
Reference in New Issue
Block a user