2007-03-22 10:30:00 -07:00
|
|
|
pref("security.enable_ssl2", false);
|
|
|
|
pref("security.enable_ssl3", true);
|
|
|
|
pref("security.enable_tls", true);
|
2008-02-26 15:09:39 -08:00
|
|
|
pref("security.enable_tls_session_tickets", true);
|
2007-03-22 10:30:00 -07:00
|
|
|
|
2010-02-07 04:09:51 -08:00
|
|
|
pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", false);
|
|
|
|
pref("security.ssl.renego_unrestricted_hosts", "");
|
|
|
|
pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
|
|
|
|
pref("security.ssl.require_safe_negotiation", false);
|
2010-05-03 04:34:16 -07:00
|
|
|
pref("security.ssl.warn_missing_rfc5746", 1);
|
2010-09-21 14:57:09 -07:00
|
|
|
pref("security.ssl.enable_false_start", false);
|
2010-02-07 04:09:51 -08:00
|
|
|
|
2007-03-22 10:30:00 -07:00
|
|
|
pref("security.ssl2.rc4_128", false);
|
|
|
|
pref("security.ssl2.rc2_128", false);
|
|
|
|
pref("security.ssl2.des_ede3_192", false);
|
|
|
|
pref("security.ssl2.des_64", false);
|
|
|
|
pref("security.ssl2.rc4_40", false);
|
|
|
|
pref("security.ssl2.rc2_40", false);
|
|
|
|
pref("security.ssl3.rsa_rc4_128_md5", true);
|
|
|
|
pref("security.ssl3.rsa_rc4_128_sha", true);
|
|
|
|
pref("security.ssl3.rsa_fips_des_ede3_sha", true);
|
|
|
|
pref("security.ssl3.rsa_des_ede3_sha", true);
|
|
|
|
pref("security.ssl3.rsa_fips_des_sha", false);
|
|
|
|
pref("security.ssl3.rsa_des_sha", false);
|
|
|
|
pref("security.ssl3.rsa_1024_rc4_56_sha", false);
|
|
|
|
pref("security.ssl3.rsa_1024_des_cbc_sha", false);
|
|
|
|
pref("security.ssl3.rsa_rc4_40_md5", false);
|
|
|
|
pref("security.ssl3.rsa_rc2_40_md5", false);
|
2009-08-24 11:07:48 -07:00
|
|
|
// Camellia is broken on Windows CE for now, see bug 508113
|
|
|
|
#ifndef WINCE
|
2007-07-25 15:53:30 -07:00
|
|
|
pref("security.ssl3.dhe_rsa_camellia_256_sha", true);
|
|
|
|
pref("security.ssl3.dhe_dss_camellia_256_sha", true);
|
|
|
|
pref("security.ssl3.rsa_camellia_256_sha", true);
|
|
|
|
pref("security.ssl3.dhe_rsa_camellia_128_sha", true);
|
|
|
|
pref("security.ssl3.dhe_dss_camellia_128_sha", true);
|
|
|
|
pref("security.ssl3.rsa_camellia_128_sha", true);
|
2009-08-24 11:07:48 -07:00
|
|
|
#endif
|
2007-03-22 10:30:00 -07:00
|
|
|
pref("security.ssl3.dhe_rsa_aes_256_sha", true);
|
|
|
|
pref("security.ssl3.dhe_dss_aes_256_sha", true);
|
|
|
|
pref("security.ssl3.rsa_aes_256_sha", true);
|
|
|
|
pref("security.ssl3.ecdhe_ecdsa_aes_256_sha", true);
|
|
|
|
pref("security.ssl3.ecdhe_ecdsa_aes_128_sha", true);
|
|
|
|
pref("security.ssl3.ecdhe_ecdsa_des_ede3_sha", true);
|
|
|
|
pref("security.ssl3.ecdhe_ecdsa_rc4_128_sha", true);
|
|
|
|
pref("security.ssl3.ecdhe_ecdsa_null_sha", false);
|
|
|
|
pref("security.ssl3.ecdhe_rsa_aes_256_sha", true);
|
|
|
|
pref("security.ssl3.ecdhe_rsa_aes_128_sha", true);
|
|
|
|
pref("security.ssl3.ecdhe_rsa_des_ede3_sha", true);
|
|
|
|
pref("security.ssl3.ecdhe_rsa_rc4_128_sha", true);
|
|
|
|
pref("security.ssl3.ecdhe_rsa_null_sha", false);
|
|
|
|
pref("security.ssl3.ecdh_ecdsa_aes_256_sha", true);
|
|
|
|
pref("security.ssl3.ecdh_ecdsa_aes_128_sha", true);
|
|
|
|
pref("security.ssl3.ecdh_ecdsa_des_ede3_sha", true);
|
|
|
|
pref("security.ssl3.ecdh_ecdsa_rc4_128_sha", true);
|
|
|
|
pref("security.ssl3.ecdh_ecdsa_null_sha", false);
|
|
|
|
pref("security.ssl3.ecdh_rsa_aes_256_sha", true);
|
|
|
|
pref("security.ssl3.ecdh_rsa_aes_128_sha", true);
|
|
|
|
pref("security.ssl3.ecdh_rsa_des_ede3_sha", true);
|
|
|
|
pref("security.ssl3.ecdh_rsa_rc4_128_sha", true);
|
|
|
|
pref("security.ssl3.ecdh_rsa_null_sha", false);
|
|
|
|
pref("security.ssl3.dhe_rsa_aes_128_sha", true);
|
|
|
|
pref("security.ssl3.dhe_dss_aes_128_sha", true);
|
|
|
|
pref("security.ssl3.rsa_aes_128_sha", true);
|
|
|
|
pref("security.ssl3.dhe_rsa_des_ede3_sha", true);
|
|
|
|
pref("security.ssl3.dhe_dss_des_ede3_sha", true);
|
|
|
|
pref("security.ssl3.dhe_rsa_des_sha", false);
|
|
|
|
pref("security.ssl3.dhe_dss_des_sha", false);
|
|
|
|
pref("security.ssl3.rsa_null_sha", false);
|
|
|
|
pref("security.ssl3.rsa_null_md5", false);
|
2009-08-09 00:19:06 -07:00
|
|
|
pref("security.ssl3.rsa_seed_sha", true);
|
2007-03-22 10:30:00 -07:00
|
|
|
|
2008-03-07 02:52:21 -08:00
|
|
|
pref("security.default_personal_cert", "Ask Every Time");
|
2009-05-20 15:21:51 -07:00
|
|
|
pref("security.remember_cert_checkbox_default_setting", true);
|
2007-03-22 10:30:00 -07:00
|
|
|
pref("security.ask_for_password", 0);
|
|
|
|
pref("security.password_lifetime", 30);
|
2007-08-20 07:22:42 -07:00
|
|
|
pref("security.warn_entering_secure", false);
|
2007-03-22 10:30:00 -07:00
|
|
|
pref("security.warn_entering_weak", true);
|
2007-08-20 07:22:42 -07:00
|
|
|
pref("security.warn_leaving_secure", false);
|
2007-03-22 10:30:00 -07:00
|
|
|
pref("security.warn_viewing_mixed", true);
|
2007-08-20 07:22:42 -07:00
|
|
|
pref("security.warn_submit_insecure", false);
|
2007-03-22 10:30:00 -07:00
|
|
|
|
2007-06-05 12:27:42 -07:00
|
|
|
pref("security.OCSP.enabled", 1);
|
2007-05-30 16:13:28 -07:00
|
|
|
pref("security.OCSP.require", false);
|