I was wondering if you here recommend changing:
Code: Select all
network.protocol-handler.external.afp false
network.protocol-handler.external.data false
network.protocol-handler.external.disk false
network.protocol-handler.external.disks false
network.protocol-handler.external.hcp false
network.protocol-handler.external.javascript false
network.protocol-handler.external.mailto false not default
network.protocol-handler.external.ms-help false
network.protocol-handler.external.news false not default
network.protocol-handler.external.nntp false not default
network.protocol-handler.external.shell false
network.protocol-handler.external.snews false not default
network.protocol-handler.external.vbscript false
network.protocol-handler.external.vnd.ms.radio false
network.protocol-handler.expose-all false not default
Code: Select all
:: 128 bits ::
security.ssl3.rsa_camellia_128_sha false
security.ssl3.ecdhe_rsa_aes_128_sha false
security.ssl3.ecdhe_ecdsa_aes_128_sha false
security.ssl3.dhe_rsa_camellia_128_sha false
security.ssl3.dhe_rsa_aes_128_sha false
:: 3DES < 128bits - http://www-archive.mozilla.org/projects ... uites.html
:: https://en.wikipedia.org/wiki/3des#Security + http://en.citizendium.org/wiki/Meet-in- ... dle_attack ::
fehlt security.ssl3.dhe_rsa_des_ede3_sha false
fehlt security.ssl3.ecdhe_rsa_des_ede3_sha false
security.ssl3.rsa_des_ede3_sha false
:: 256bits without PFS ::
security.ssl3.rsa_camellia_256_sha false
:: Susceptible to the logjam attack - https://weakdh.org ::
security.ssl3.dhe_rsa_camellia_256_sha false
security.ssl3.dhe_rsa_aes_256_sha false
:: DSA max 1024bits ::
fehlt security.ssl3.dhe_dss_aes_128_sha false
fehlt security.ssl3.dhe_dss_aes_256_sha false
:: don't found any problems but maybe let it on for compatibility ::
security.ssl3.rsa_aes_128_sha false
security.ssl3.ecdhe_ecdsa_camellia_128_gcm_sha256 false
security.ssl3.ecdhe_rsa_camellia_128_gcm_sha256 false
Thank you, Merry Christmas!