Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

remove security.tls.version.enable-deprecated

See original GitHub issue

@fxbrit

AFAICT you can’t downgrade anymore, so we should be good to remove this? yes? no?

/* 6010: enforce/reset TLS 1.0/1.1 downgrades to session only
 * [NOTE] In FF97+ the TLS 1.0/1.1 downgrade UX was removed
 * [TEST] https://tls-v1-1.badssl.com:1010/ ***/
user_pref("security.tls.version.enable-deprecated", false); // [DEFAULT: false]

Issue Analytics

State:
Created 10 months ago
Comments:9 (5 by maintainers)

Top GitHub Comments

1reaction

Thorin-Oakenpantscommented, Dec 20, 2022

and two of them have since been removed upstream in hardcode

I thought I might have been cc’d in it, but I can;t find it … but from memory they actually removed the ciphers from the TLS suites IIUIC

anyway, leaving it in for another ESR cycle is fine since according to pierov’s comment, it is used to bypass those prefs (just in case someone hardened their browser against downgrade attacks for whatever reason, not going to judge) - so no, not ignoring it for arkenfox

hopefully in another year some more of those ciphers will die - I think the remaining ones account for about 1% of secure traffic

1reaction

Thorin-Oakenpantscommented, Dec 5, 2022

https://github.com/arkenfox/user.js/pull/1592/commits/6d7198f4d3c1e0cb23ee4314624ad9e3d228f1ae

Top Results From Across the Web

How to re-disable TLSv1.0? | Firefox Support Forum

Now I want to go back to the default settings, where Firefox blocks TLSv1.0. How do I do that? In about:config I looked...

KB5017811—Manage Transport Layer Security (TLS) 1.0 and ...

So, Microsoft recommends that you remove TLS 1.0 and 1.1 dependencies. We also recommend that you disable TLS 1.0 and 1.1 at the...

security.tls.version.enable-deprecated=true no longer working

Description of problem: security.tls.version.enable-deprecated=true is no longer working since upgrading from F32 to F33. This applies both for Thunderbird ...

enable-deprecated allows enabling protocols lower than ...

Hello,. After setting SSLVersionMin ( security.tls.version.min ) to 3 in GPO, when users are visiting websites that only support TLSv1.0 and ...

Disable Enable TLS 1.0 and 1.1 for Internet Explorer EdgeHTML

In Oct 2018, Microsoft announced the disablement of Transport Layer Security (TLS) 1.0 and 1.1 by default in Microsoft browsers. The disablement ...