From 0006ee04b4bc3470894059a85727ef7f513548e0 Mon Sep 17 00:00:00 2001 From: Thorin-Oakenpants Date: Tue, 6 Jun 2017 04:08:24 +1200 Subject: [PATCH] 1202: TLS max+fallback=>active regardless of default, time to turn it on in 54 --- user.js | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/user.js b/user.js index 786cd56..aa9cfbc 100644 --- a/user.js +++ b/user.js @@ -602,8 +602,8 @@ user_pref("ghacks_user.js.parrot", "1200 syntax error: the parrot's a stiff!"); * [1] http://kb.mozillazine.org/Security.tls.version.* * [2] https://www.ssl.com/how-to/turn-off-ssl-3-0-and-tls-1-0-in-your-browser/ ***/ // user_pref("security.tls.version.min", 2); - // user_pref("security.tls.version.fallback-limit", 3); - // user_pref("security.tls.version.max", 4); // 4 = allow up to and including TLS 1.3 +user_pref("security.tls.version.fallback-limit", 3); +user_pref("security.tls.version.max", 4); // 4 = allow up to and including TLS 1.3 /* 1203: disable SSL session tracking (FF36+) * SSL Session IDs speed up HTTPS connections (no need to renegotiate) and last for 48hrs. * Since the ID is unique, web servers can (and do) use it for tracking. If set to true,