author Austin King <>
Mon, 22 Nov 2010 11:38:00 -0500
changeset 6745 f76f5e2d8f26fd7234b7608a3ac2d6a04b15c409
parent 5201 8a5ef0bf15708f9bf48a38a496e0dd0537f0fabd
child 10961 c1704e94d670c5668437235b810aa24445be08ae
permissions -rw-r--r--
Bug 613224 - Bad link for atlbase.h. r=Callek

<?xml version="1.0" encoding="utf-8"?>

  <!ENTITY % brandDTD SYSTEM "chrome://branding/locale/brand.dtd" >

<html xmlns="">
<title>SSL Settings</title>
<link rel="stylesheet" href="helpFileLayout.css"

<h1 id="ssl_settings">SSL Settings</h1>

<p>This section describes how to set your SSL preferences.</p>

<div class="contentsBox">In this section:
    <li><a href="#privacy_and_security_preferences_ssl">Privacy &amp; Security
      Preferences - SSL</a></li>

<h2 id="privacy_and_security_preferences_ssl">Privacy &amp; Security
  Preferences - SSL</h2>

<p>This section describes how to use the SSL preferences panel. If you are not
  already viewing the panel, follow these steps:</p>

  <li>Open the <span class="mac">&brandShortName;</span>
    <span class="noMac">Edit</span> menu and choose Preferences.</li>
  <li>Under the Privacy &amp; Security category, click SSL. (If no
    subcategories are visible, double-click Privacy &amp; Security to expand
    the list.)</li>

<h3 id="ssl_protocol_versions">SSL Protocol Versions</h3>

<p>The Secure Sockets Layer (SSL) protocol defines rules governing mutual
  authentication between a web site and browser software and the encryption of
  information that flows between them. The Transport Layer Security (TLS)
  protocol is an IETF standard based on SSL. TLS 1.0 can be thought of as SSL

<p>You should normally leave these three checkboxes selected to ensure that
  both older and newer web servers can work with the browser:</p>

  <li><strong>Enable SSL version 3</strong>: Allows newer web servers to work
    with the browser.</li>
  <li><strong>Enable TLS</strong>: Allows web servers that support TLS to take
    advantage of it.</li>

<p><strong>Important note regarding TLS</strong>: Some servers that do not
  implement SSL correctly cannot negotiate the SSL handshake with client
  software (such as the browser) that supports TLS. Such servers are known as
  <q>TLS intolerant</q>.</p>

<p>When the Enable TLS option in the SSL preferences panel is selected, the
  browser attempts to use the TLS protocol when making secure connections with
  a server. If that connection fails because the server is TLS intolerant, the
  browser will fall back to using SSL 3.0.</p>

<h3 id="ssl_warnings">SSL Warnings</h3>

<p>It&apos;s easy to tell when the web site you are viewing is using an encrypted
  connection. If the connection is encrypted, the lock icon in the lower-right
  corner of the browser window is locked. If the connection is not encrypted,
  the lock icon is unlocked.</p>

<p>If you want additional warnings, you can select one or more of the warning
  checkboxes in the SSL preferences panel. Some people find these warnings

<p>To activate any of these warnings, select the corresponding checkbox:</p>

  <li><strong>Loading a page that supports encryption</strong>: Select this
    warning if you want to be reminded whenever you are loading a page that
    supports encryption.</li>
  <li><strong>Loading a page that uses low-grade encryption</strong>: Select
    this warning if you want to be reminded whenever you are loading a page
    that supports low-grade encryption. (Low-grade encryption is the weakest
    encryption available, using 40-bit keys.)</li>
  <li><strong>Leaving a page that supports encryption</strong>: Select this
    warning if you want to be reminded whenever you are leaving a page that
    supports encryption for one that does not.</li>
  <li><strong>Sending form data from an unencrypted page to an unencrypted
    page</strong>: Select this warning if you want to be reminded whenever you
    are submitting data over an unencrypted connection. If you send unencrypted
    information over the Internet, it can easily be intercepted by other
  <li><strong>Viewing a page with an encrypted/unencrypted mix</strong>:
    Select this warning if you want to be alerted whenever you are viewing a
    page that includes any information that&apos;s not encrypted.</li>

<p>For short definitions, click
  <a href="glossary.xhtml#authentication">authentication</a>,
  <a href="glossary.xhtml#encryption">encryption</a>, or
  <a href="glossary.xhtml#certificate">certificate</a>.</p>

<p>For more information about ciphers and encryption, see the following online

    <a href="">Introduction
    to Public-Key Cryptography</a></li>
    <a href="">Introduction
    to SSL</a></li>
    <a href="">Encryption
    Technologies Available in NSS 3.11</a>.</li>