Git-Mirrors/firefox-user.js
1
0
Fork 0
mirror of https://github.com/arkenfox/user.js.git synced 2024-06-26 14:32:30 +00:00
Code Issues Packages Projects Releases Wiki Activity

1264: update ciphers, fixes #1196 (#1197)

Browse Source
This commit is contained in:
Thorin-Oakenpants 2021-06-23 16:22:10 +00:00 committed by GitHub
parent b93a5e334c
commit a6d20eaf5b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 4 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
user.js
View File

@ -740,8 +740,8 @@ user_pref("dom.security.https_only_mode_send_http_background_request", false);
// user_pref("dom.securecontext.whitelist_onions", true);
/** CIPHERS [WARNING: do not meddle with your cipher suite: see the section 1200 intro]
* These are all the ciphers still using SHA-1 and CBC which are weaker than the available alternatives. (see "Cipher Suites" in [1])
* Additionally some have other weaknesses like key sizes of 128 (or lower) [2] and/or no Perfect Forward Secrecy [3].
* These are the ciphers listed under "Cipher Suites" [1] that are either still using SHA-1 and CBC,
* and/or are missing Perfect Forward Secrecy [3] and/or have other weaknesses like key sizes of 128
* [1] https://browserleaks.com/ssl
* [2] https://en.wikipedia.org/wiki/Key_size
* [3] https://en.wikipedia.org/wiki/Forward_secrecy
@ -756,6 +756,8 @@ user_pref("dom.security.https_only_mode_send_http_background_request", false);
// user_pref("security.ssl3.ecdhe_ecdsa_aes_128_sha", false);
// user_pref("security.ssl3.ecdhe_rsa_aes_128_sha", false);
// user_pref("security.ssl3.ecdhe_rsa_aes_256_sha", false);
// user_pref("security.ssl3.rsa_aes_128_gcm_sha256", false); // no PFS
// user_pref("security.ssl3.rsa_aes_256_gcm_sha384", false); // no PFS
// user_pref("security.ssl3.rsa_aes_128_sha", false); // no PFS
// user_pref("security.ssl3.rsa_aes_256_sha", false); // no PFS