1203: ssl session ids are 24hrs

This commit is contained in:
Thorin-Oakenpants 2018-12-05 20:58:07 +00:00 committed by GitHub
parent 91fed43fc7
commit 0a87c99a0e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -752,7 +752,7 @@ user_pref("security.ssl.require_safe_negotiation", true);
// user_pref("security.tls.version.min", 3); // user_pref("security.tls.version.min", 3);
user_pref("security.tls.version.max", 4); // 4 = allow up to and including TLS 1.3 user_pref("security.tls.version.max", 4); // 4 = allow up to and including TLS 1.3
/* 1203: disable SSL session tracking (FF36+) /* 1203: disable SSL session tracking (FF36+)
* SSL Session IDs speed up HTTPS connections (no need to renegotiate) and last for 48hrs. * SSL Session IDs speed up HTTPS connections (no need to renegotiate) and last for 24hrs.
* Since the ID is unique, web servers can (and do) use it for tracking. If set to true, * Since the ID is unique, web servers can (and do) use it for tracking. If set to true,
* this disables sending SSL Session IDs and TLS Session Tickets to prevent session tracking * this disables sending SSL Session IDs and TLS Session Tickets to prevent session tracking
* [1] https://tools.ietf.org/html/rfc5077 * [1] https://tools.ietf.org/html/rfc5077