SSL security test failure

Posted: 2018-03-25, 18:20
by Goodydino
At https://badssl.com/dashboard/, Pale Moon fails the test for SHA-1 intermediate, but SeaMonkey passes. Why? I had disabled some of the encryption protocols that I was advised were unsafe to use in SeaMonkey, and done the same with Pale Moon. Since they were the same settings disabled in both, why did SeaMonkey pass and Pale Moon fail?

Re: SSL security test failure

Posted: 2018-03-25, 20:01
by Moonchild
Pale Moon doesn't reject SHA-1 signed intermediate certificates at the moment, because there have thus far been plenty of situations where these signatures are in use (e.g. locally-installed AV suites, local proxies, enterprise setups, etc.).
Ultimately, it is the responsibility of a CA to ensure properly strong signatures on their issuing certificates.

If this is considered a major enough issue, I can look into changing this policy provided it won't cause too much breakage.

Re: SSL security test failure

Posted: 2018-03-30, 06:07
by testator777
For those of us who may want to set it manually, how would one disable the acceptance of SHA-1 signed certificates? Is this an about:config setting or is it compiled into the build? I didn't see such a thing under the Pale Moon Commander options.

Re: SSL security test failure

Posted: 2018-03-30, 18:15
by Goodydino
I believe I got the information about what to disable in about:config here:
https://gist.github.com/haasn/69e19fc2f ... /revisions