michael@0: /* This Source Code Form is subject to the terms of the Mozilla Public michael@0: * License, v. 2.0. If a copy of the MPL was not distributed with this michael@0: * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ michael@0: michael@0: pref("security.tls.version.min", 1); michael@0: pref("security.tls.version.max", 3); michael@0: michael@0: pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", false); michael@0: pref("security.ssl.renego_unrestricted_hosts", ""); michael@0: pref("security.ssl.treat_unsafe_negotiation_as_broken", false); michael@0: pref("security.ssl.require_safe_negotiation", false); michael@0: pref("security.ssl.warn_missing_rfc5746", 1); michael@0: pref("security.ssl.enable_ocsp_stapling", true); michael@0: pref("security.ssl.enable_false_start", true); michael@0: pref("security.ssl.false_start.require-npn", true); michael@0: pref("security.ssl.false_start.require-forward-secrecy", true); michael@0: pref("security.ssl.enable_npn", true); michael@0: pref("security.ssl.enable_alpn", false); michael@0: michael@0: pref("security.ssl3.ecdhe_rsa_aes_128_gcm_sha256", true); michael@0: pref("security.ssl3.ecdhe_ecdsa_aes_128_gcm_sha256", true); michael@0: pref("security.ssl3.ecdhe_rsa_aes_128_sha", true); michael@0: pref("security.ssl3.ecdhe_ecdsa_aes_128_sha", true); michael@0: pref("security.ssl3.ecdhe_rsa_aes_256_sha", true); michael@0: pref("security.ssl3.ecdhe_ecdsa_aes_256_sha", true); michael@0: pref("security.ssl3.ecdhe_rsa_des_ede3_sha", true); michael@0: pref("security.ssl3.dhe_rsa_aes_128_sha", true); michael@0: pref("security.ssl3.dhe_rsa_camellia_128_sha", true); michael@0: pref("security.ssl3.dhe_rsa_aes_256_sha", true); michael@0: pref("security.ssl3.dhe_rsa_camellia_256_sha", true); michael@0: pref("security.ssl3.dhe_rsa_des_ede3_sha", true); michael@0: pref("security.ssl3.dhe_dss_aes_128_sha", true); michael@0: pref("security.ssl3.dhe_dss_aes_256_sha", true); michael@0: pref("security.ssl3.ecdhe_rsa_rc4_128_sha", true); michael@0: pref("security.ssl3.ecdhe_ecdsa_rc4_128_sha", true); michael@0: pref("security.ssl3.rsa_aes_128_sha", true); michael@0: pref("security.ssl3.rsa_camellia_128_sha", true); michael@0: pref("security.ssl3.rsa_aes_256_sha", true); michael@0: pref("security.ssl3.rsa_camellia_256_sha", true); michael@0: pref("security.ssl3.rsa_des_ede3_sha", true); michael@0: pref("security.ssl3.rsa_rc4_128_sha", true); michael@0: pref("security.ssl3.rsa_rc4_128_md5", true); michael@0: michael@0: pref("security.ssl3.rsa_fips_des_ede3_sha", false); michael@0: pref("security.ssl3.dhe_dss_camellia_256_sha", false); michael@0: pref("security.ssl3.dhe_dss_camellia_128_sha", false); michael@0: pref("security.ssl3.rsa_seed_sha", false); michael@0: michael@0: pref("security.default_personal_cert", "Ask Every Time"); michael@0: pref("security.remember_cert_checkbox_default_setting", true); michael@0: pref("security.ask_for_password", 0); michael@0: pref("security.password_lifetime", 30); michael@0: michael@0: pref("security.OCSP.enabled", 1); michael@0: pref("security.OCSP.require", false); michael@0: pref("security.OCSP.GET.enabled", false); michael@0: michael@0: pref("security.use_mozillapkix_verification", true); michael@0: michael@0: // If set to true, disables sending SSL3 Session IDs and TLS Session Tickets, michael@0: // to prevent session tracking: michael@0: pref("security.ssl.disable_session_identifiers", false);