summaryrefslogtreecommitdiffstats
path: root/netwerk/base/security-prefs.js
Commit message (Collapse)AuthorAgeLines
* Reinstate RC4 and mark 3DES weak.wolfbeast2018-08-17-0/+2
| | | | Tag #709
* Revert "Disable TLS 1.3 by default for now until our NSS can be updated to ↵wolfbeast2018-06-06-1/+1
| | | | | | the latest spec." This reverts commit 6c3f95480a191ce432ddfb2aa400a6d70c4884a8.
* Fix sec pref locations and enable HPKP checking by default.wolfbeast2018-05-29-0/+11
| | | | Some prefs were incorrectly in all.js (ocsp and hpkp)
* Disable TLS 1.3 by default for now until our NSS can be updated to the ↵wolfbeast2018-04-25-1/+1
| | | | latest spec.
* Activate TLS 1.3 by default.wolfbeast2018-02-24-1/+1
| | | | This resolves #15.
* Disable static DHE + AES suites by default (common combination for weak DH keys)wolfbeast2018-02-02-2/+2
| | | | Issue #4 point 5
* Disable 3DES cipher by default + re-order a few things.wolfbeast2018-02-02-2/+4
| | | | Issue #4 point 4
* Add RSA-AES + SHA256/384 suites for web compatibility.wolfbeast2018-02-02-0/+4
| | | | | | Sites with these ciphers (commonly IIS) would otherwise fall back to weak 3DES that will be disabled by default. Issue #4 points 2 and 3
* Add Camellia to the active cipher suites.wolfbeast2018-02-02-0/+4
| | | | | | | Issue #4 point 1. Camellia is a strong, modern, safe cipher with no known weaknesses or reduced strength attacks. The cipher has been approved for use by the ISO/IEC, the European Union's NESSIE project and the Japanese CRYPTREC project.
* Add m-esr52 at 52.6.0Matt A. Tobin2018-02-02-0/+119