1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000
1.2 +++ b/netwerk/base/public/security-prefs.js Wed Dec 31 06:09:35 2014 +0100
1.3 @@ -0,0 +1,62 @@
1.4 +/* This Source Code Form is subject to the terms of the Mozilla Public
1.5 + * License, v. 2.0. If a copy of the MPL was not distributed with this
1.6 + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
1.7 +
1.8 +pref("security.tls.version.min", 1);
1.9 +pref("security.tls.version.max", 3);
1.10 +
1.11 +pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", false);
1.12 +pref("security.ssl.renego_unrestricted_hosts", "");
1.13 +pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
1.14 +pref("security.ssl.require_safe_negotiation", false);
1.15 +pref("security.ssl.warn_missing_rfc5746", 1);
1.16 +pref("security.ssl.enable_ocsp_stapling", true);
1.17 +pref("security.ssl.enable_false_start", true);
1.18 +pref("security.ssl.false_start.require-npn", true);
1.19 +pref("security.ssl.false_start.require-forward-secrecy", true);
1.20 +pref("security.ssl.enable_npn", true);
1.21 +pref("security.ssl.enable_alpn", false);
1.22 +
1.23 +pref("security.ssl3.ecdhe_rsa_aes_128_gcm_sha256", true);
1.24 +pref("security.ssl3.ecdhe_ecdsa_aes_128_gcm_sha256", true);
1.25 +pref("security.ssl3.ecdhe_rsa_aes_128_sha", true);
1.26 +pref("security.ssl3.ecdhe_ecdsa_aes_128_sha", true);
1.27 +pref("security.ssl3.ecdhe_rsa_aes_256_sha", true);
1.28 +pref("security.ssl3.ecdhe_ecdsa_aes_256_sha", true);
1.29 +pref("security.ssl3.ecdhe_rsa_des_ede3_sha", true);
1.30 +pref("security.ssl3.dhe_rsa_aes_128_sha", true);
1.31 +pref("security.ssl3.dhe_rsa_camellia_128_sha", true);
1.32 +pref("security.ssl3.dhe_rsa_aes_256_sha", true);
1.33 +pref("security.ssl3.dhe_rsa_camellia_256_sha", true);
1.34 +pref("security.ssl3.dhe_rsa_des_ede3_sha", true);
1.35 +pref("security.ssl3.dhe_dss_aes_128_sha", true);
1.36 +pref("security.ssl3.dhe_dss_aes_256_sha", true);
1.37 +pref("security.ssl3.ecdhe_rsa_rc4_128_sha", true);
1.38 +pref("security.ssl3.ecdhe_ecdsa_rc4_128_sha", true);
1.39 +pref("security.ssl3.rsa_aes_128_sha", true);
1.40 +pref("security.ssl3.rsa_camellia_128_sha", true);
1.41 +pref("security.ssl3.rsa_aes_256_sha", true);
1.42 +pref("security.ssl3.rsa_camellia_256_sha", true);
1.43 +pref("security.ssl3.rsa_des_ede3_sha", true);
1.44 +pref("security.ssl3.rsa_rc4_128_sha", true);
1.45 +pref("security.ssl3.rsa_rc4_128_md5", true);
1.46 +
1.47 +pref("security.ssl3.rsa_fips_des_ede3_sha", false);
1.48 +pref("security.ssl3.dhe_dss_camellia_256_sha", false);
1.49 +pref("security.ssl3.dhe_dss_camellia_128_sha", false);
1.50 +pref("security.ssl3.rsa_seed_sha", false);
1.51 +
1.52 +pref("security.default_personal_cert", "Ask Every Time");
1.53 +pref("security.remember_cert_checkbox_default_setting", true);
1.54 +pref("security.ask_for_password", 0);
1.55 +pref("security.password_lifetime", 30);
1.56 +
1.57 +pref("security.OCSP.enabled", 1);
1.58 +pref("security.OCSP.require", false);
1.59 +pref("security.OCSP.GET.enabled", false);
1.60 +
1.61 +pref("security.use_mozillapkix_verification", true);
1.62 +
1.63 +// If set to true, disables sending SSL3 Session IDs and TLS Session Tickets,
1.64 +// to prevent session tracking:
1.65 +pref("security.ssl.disable_session_identifiers", false);
