[Ach] [SSL Observatory] A TLS protocol level scan of the Alexa top 1, 000, 000
Joe St Sauver
joe at oregon.uoregon.edu
Sun Jan 12 19:58:10 CET 2014
Hi,
Aaron commented:
#I'm also unsure why Firefox now serves TLS 1.2 but it's disabled by
#default. Thats a very confusing choice because it's not even simple
#to enable it for a generic desktop user.
If the user's okay tweaking about:config settings, they can use:
about:config
security.tls.version.max
3
You can then confirm support for TLS 1.2 at
https://www.howsmyssl.com/ or whatever client SSL/TLS review page
you may prefer.
BTW, if the howsmyssl.com page flags weak ciphers in Firefox, while
you're tinkering with about:config you might also want to set:
security.ssl3.rsa_fips_des_ede3_sha
false
In my experience that makes the "Insecure Cipher Suites" warning go away
Regards,
Joe
More information about the Ach
mailing list