none
Forum security protocols

    Question

  • I don't think this is a bug...

    I use K-Meleon74.24 as my primary browser in W7HPx64 SP1, Opera 12.17 and IE 11.  I have disabled SSL2 and SSL3 in K-M and Opera, but I have kept it in Windows, for trouble-shooting: If K-M or Opera refuse to go there, I light up IE to check.

    My question is, when will Technet (all of it!) jump on the bandwagon and permit only TLS?

    FWIW, here is a (probably incomplete) list of K-M config items:

    • security.ssl3.rsa_fips_des_ede3_sha;false
      security.ssl3.rsa_rc4_128_md5;false
      security.ssl3.rsa_rc4_128_sha;false
      security.ssl3.rsa_seed_sha;false
    • security.tls.version.max;3
      security.tls.version.min;1
    • security.ssl.require_safe_negotiation;true
      security.ssl.treat_unsafe_negotiation_as_broken;true
      security.ssl.warn_missing_rfc5746;1
      security.ssl.enable_false_start;false
      security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref;false
      security.enable_md5_signatures;false

    Just for interest, both K-M and Opera are totally capable of entering TLS 1.2 sites...

    Gordon.


    • Edited by gordon451 Tuesday, December 23, 2014 2:31 AM forgot state
    Tuesday, December 23, 2014 2:29 AM