Bug 1084025 - Disable insecure version fallback. r=dkeeler
authorMasatoshi Kimura <VYV03354@nifty.ne.jp>
Tue, 09 Dec 2014 07:19:04 +0900
changeset 218758 35f5ec149ad5343e6f62c9f6788ddb952f9732fb
parent 218757 33592fd41f1f77c7917f7e8bac5c03dd37e26e79
child 218759 38616c7e2da9cfa2f22c8830e3be473a5bce7b82
push id27944
push usercbook@mozilla.com
push dateTue, 09 Dec 2014 11:54:28 +0000
treeherdermozilla-central@acf5660d2048 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersdkeeler
bugs1084025
milestone37.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1084025 - Disable insecure version fallback. r=dkeeler
netwerk/base/public/security-prefs.js
--- a/netwerk/base/public/security-prefs.js
+++ b/netwerk/base/public/security-prefs.js
@@ -1,15 +1,15 @@
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 pref("security.tls.version.min", 1);
 pref("security.tls.version.max", 3);
-pref("security.tls.version.fallback-limit", 1);
+pref("security.tls.version.fallback-limit", 3);
 
 pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", false);
 pref("security.ssl.renego_unrestricted_hosts", "");
 pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
 pref("security.ssl.require_safe_negotiation",  false);
 pref("security.ssl.warn_missing_rfc5746",  1);
 pref("security.ssl.enable_ocsp_stapling", true);
 pref("security.ssl.enable_false_start", true);