diff options
| author | wolfbeast <mcwerewolf@wolfbeast.com> | 2019-02-10 08:51:40 +0100 |
|---|---|---|
| committer | wolfbeast <mcwerewolf@wolfbeast.com> | 2019-02-10 09:00:44 +0100 |
| commit | 74533a843277c3687c749989ed1522354d1054d2 (patch) | |
| tree | 7bd557266db082c5d05facecce91f2f753a733e2 | |
| parent | 7715472ae4e57b092b75db30205ff1248bf2517f (diff) | |
| download | uxp-2019.02.11.tar.gz | |
Expose TLS 1.3 cipher suite prefs.v2019.02.11
| -rw-r--r-- | netwerk/base/security-prefs.js | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/netwerk/base/security-prefs.js b/netwerk/base/security-prefs.js index 7d63267a65..ea0b2236da 100644 --- a/netwerk/base/security-prefs.js +++ b/netwerk/base/security-prefs.js @@ -17,6 +17,11 @@ pref("security.ssl.false_start.require-npn", false); pref("security.ssl.enable_npn", true); pref("security.ssl.enable_alpn", true); +// TLS 1.3 cipher suites +pref("security.tls13.aes_128_gcm_sha256", true); +pref("security.tls13.chacha20_poly1305_sha256", true); +pref("security.tls13.aes_256_gcm_sha384", true); + // TLS 1.0-1.2 cipher suites pref("security.ssl3.ecdhe_rsa_aes_128_gcm_sha256", true); pref("security.ssl3.ecdhe_ecdsa_aes_128_gcm_sha256", true); @@ -36,11 +41,14 @@ pref("security.ssl3.rsa_camellia_128_sha", true); pref("security.ssl3.rsa_camellia_256_sha", true); pref("security.ssl3.rsa_aes_128_sha", true); pref("security.ssl3.rsa_aes_256_sha", true); -// Weak / deprecated + +// Deprecated pref("security.ssl3.dhe_rsa_aes_256_sha", false); pref("security.ssl3.dhe_rsa_aes_128_sha", false); pref("security.ssl3.rsa_aes_128_gcm_sha256", false); pref("security.ssl3.rsa_aes_128_sha256", false); + +// Weak/broken (requires fallback_hosts) pref("security.ssl3.rsa_des_ede3_sha", false); pref("security.ssl3.rsa_rc4_128_sha", false); pref("security.ssl3.rsa_rc4_128_md5", false); |