I suggest adding:
1.security.pki.mitm_detected
change by default
2.security.pki.sha1_enforcement_level = 1
proof: www.shattered.io
2 suggestions
Forum rules
Please keep everything here strictly on-topic.
This board is meant for Pale Moon source code development related subjects only like code snippets, patches, specific bugs, git, the repositories, etc.
This is not for tech support! Please do not post tech support questions in the "Development" board!
Please make sure not to use this board for support questions. Please post issues with specific websites, extensions, etc. in the relevant boards for those topics.
Please keep things on-topic as this forum will be used for reference for Pale Moon development. Expect topics that aren't relevant as such to be moved or deleted.
Please keep everything here strictly on-topic.
This board is meant for Pale Moon source code development related subjects only like code snippets, patches, specific bugs, git, the repositories, etc.
This is not for tech support! Please do not post tech support questions in the "Development" board!
Please make sure not to use this board for support questions. Please post issues with specific websites, extensions, etc. in the relevant boards for those topics.
Please keep things on-topic as this forum will be used for reference for Pale Moon development. Expect topics that aren't relevant as such to be moved or deleted.
Re: 2 suggestions
(I don't know security, but...)
that page is from 2017
this too, https://blog.mozilla.org/security/2017/ ... ublic-web/
What is gained by the prefs you suggest?
How might a user be affected by making such changes?
How do they compare to current PM &/or FF... settings?
(The ancient browser I'm on has, security.pki.sha1_enforcement_level;3.)
that page is from 2017
this too, https://blog.mozilla.org/security/2017/ ... ublic-web/
What is gained by the prefs you suggest?
How might a user be affected by making such changes?
How do they compare to current PM &/or FF... settings?
(The ancient browser I'm on has, security.pki.sha1_enforcement_level;3.)
Re: 2 suggestions
Un(?)fortunately without a proper explanation (a link is not enough) I doubt the developers will listen to you.
-
shevy
Re: 2 suggestions
Agreed. Without explanation and context, it makes little sense to want to change anything, since it would be sort of
missing the context and appear as a "random change", even IF there was an explanation. It also makes me wonder
a little because if you have time to suggest a change requiring specific words/APIs, surely you could have added
a short explanation? Even if only for others who read it to understand what is going on.
missing the context and appear as a "random change", even IF there was an explanation. It also makes me wonder
a little because if you have time to suggest a change requiring specific words/APIs, surely you could have added
a short explanation? Even if only for others who read it to understand what is going on.