Bug 1479501 - Disable TLS version fallback, r=ekr, a=lizzard
authorMartin Thomson <martin.thomson@gmail.com>
Fri, 10 Aug 2018 12:10:35 +1000
changeset 480892 f3d5a8acef59d6dcbee0685557234d395f8368fd
parent 480891 fe256fdb428c3e9a277beb8eb87a7828f2694a6f
child 480893 ffb21272c4ce79f82050ba892ccfbc287964f1de
push id1757
push userffxbld-merge
push dateFri, 24 Aug 2018 17:02:43 +0000
treeherdermozilla-release@736023aebdb1 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersekr, lizzard
bugs1479501
milestone62.0
Bug 1479501 - Disable TLS version fallback, r=ekr, a=lizzard
security/manager/ssl/security-prefs.js
--- a/security/manager/ssl/security-prefs.js
+++ b/security/manager/ssl/security-prefs.js
@@ -1,15 +1,15 @@
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 pref("security.tls.version.min", 1);
 pref("security.tls.version.max", 4);
-pref("security.tls.version.fallback-limit", 3);
+pref("security.tls.version.fallback-limit", 4);
 pref("security.tls.insecure_fallback_hosts", "");
 pref("security.tls.enable_0rtt_data", false);
 
 pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
 pref("security.ssl.require_safe_negotiation",  false);
 pref("security.ssl.enable_ocsp_stapling", true);
 pref("security.ssl.enable_false_start", true);
 pref("security.ssl.enable_alpn", true);