Understanding TLS Changes in Firefox 37

4 odpovědi
9 má tento problém
1 zobrazení
Poslední odpověď od cor-el

před 9 roky

21.04.15 1:54

Can someone point me to a document that clearly explains what changes were made in Firefox 37 with respect to TLS? The only thing I can find in the release notes is "Disabled insecure TLS version fallback for site security". I find reference to a Bugzilla, but there are pages of discussions and no clear statement of what has changed. Many web sites have reported that TLS 1.0 was disabled by default and we found one of our web sites that only supports TLS 1.0 was impacted, but another one that only supports TLS 1.0 works just fine. So, it would be helpful to find an authoritative post that sheds light so we can resolve issues relating to Firefox and our applications. Otherwise the only guidance is to use IE. 8-(

Zvolené řešení

See also:

👍 0

Answer 1 · 2015-04-21 01:54:58

user633449

21.04.15 2:10

https://blog.mozilla.org/security/2014/09/23/phasing-out-certificates-with-sha-1-based-signature-algorithms/

https://blog.mozilla.org/security/2014/10/14/the-poodle-attack-and-the-end-of-ssl-3-0/

Run your website through https://www.ssllabs.com/ and you can see all security issues that need to be fixed.

Answer 2 · 2015-04-21 01:54:58

ideato

21.04.15 3:44

Hi, see also specific for 37 : http://bitsup.blogspot.de/2015/03/opportunistic-encryption-for-firefox.html

thanks

Answer 3 · 2015-04-21 01:54:58

user633449

21.04.15 3:46

Actually OE was disabled in 37.0.1 due to a bug.

Answer 4 · 2015-04-21 01:54:58

cor-el

Moderator
Top 10 Contributor

21.04.15 11:54

Prohledat stránky podpory

Understanding TLS Changes in Firefox 37

Zvolené řešení

Všechny odpovědi (4)

Zvolené řešení

Prozkoumat podle produktu

Prozkoumat podle tématu

Procházet podle produktu

Procházet všechna vlákna dle tématu

Získat pomoc s

Prohledat stránky podpory

Understanding TLS Changes in Firefox 37

Zvolené řešení

Všechny odpovědi (4)

Zvolené řešení