Merge pull request #1 from MoonchildProductions/master

keep up with mc

1 files changed, 11 insertions, 5 deletions

diff --git a/netwerk/base/security-prefs.js b/netwerk/base/security-prefs.js
index cfbbf4a45..ef78ddccb 100644
--- a/netwerk/base/security-prefs.js
+++ b/netwerk/base/security-prefs.js
@@ -17,6 +17,11 @@ pref("security.ssl.false_start.require-npn", false);
 pref("security.ssl.enable_npn", true);
 pref("security.ssl.enable_alpn", true);
 
+// TLS 1.3 cipher suites
+pref("security.tls13.aes_128_gcm_sha256", true);
+pref("security.tls13.chacha20_poly1305_sha256", true);
+pref("security.tls13.aes_256_gcm_sha384", true);
+
 // TLS 1.0-1.2 cipher suites
 pref("security.ssl3.ecdhe_rsa_aes_128_gcm_sha256", true);
 pref("security.ssl3.ecdhe_ecdsa_aes_128_gcm_sha256", true);
@@ -36,12 +41,17 @@ pref("security.ssl3.rsa_camellia_128_sha", true);
 pref("security.ssl3.rsa_camellia_256_sha", true);
 pref("security.ssl3.rsa_aes_128_sha", true);
 pref("security.ssl3.rsa_aes_256_sha", true);
-// Weak / deprecated
+
+// Deprecated
 pref("security.ssl3.dhe_rsa_aes_256_sha", false);
 pref("security.ssl3.dhe_rsa_aes_128_sha", false);
 pref("security.ssl3.rsa_aes_128_gcm_sha256", false);
 pref("security.ssl3.rsa_aes_128_sha256", false);
+
+// Weak/broken (requires fallback_hosts)
 pref("security.ssl3.rsa_des_ede3_sha", false);
+pref("security.ssl3.rsa_rc4_128_sha", false);
+pref("security.ssl3.rsa_rc4_128_md5", false);
 
 pref("security.content.signature.root_hash",
      "97:E8:BA:9C:F1:2F:B3:DE:53:CC:42:A4:E6:57:7E:D6:4D:F4:93:C2:47:B4:14:FE:A0:36:81:8D:38:23:56:0E");
@@ -107,10 +117,6 @@ pref("security.webauth.u2f", false);
 pref("security.webauth.u2f_enable_softtoken", false);
 pref("security.webauth.u2f_enable_usbtoken", false);
 
-pref("security.ssl.errorReporting.enabled", true);
-pref("security.ssl.errorReporting.url", "https://incoming.telemetry.mozilla.org/submit/sslreports/");
-pref("security.ssl.errorReporting.automatic", false);
-
 // OCSP must-staple
 pref("security.ssl.enable_ocsp_must_staple", true);