We're calling on all EU-based Mozillians with iOS or iPadOS devices to help us monitor Apple’s new browser choice screens. Join the effort to hold Big Tech to account!

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Cuireadh an snáithe seo sa chartlann. Cuir ceist nua má tá cabhair uait.

Browser still uses TLS_AES_128_GCM_SHA256 (0x1301) 128-bit SSL encryption cipher even when disabled in about:config

  • 1 freagra
  • 1 leis an bhfadhb seo
  • 1 view
  • Freagra is déanaí ó cor-el

more options

Even after disabling all the 128-bit cipher suites in about:config, the cipher TLS_AES_128_GCM_SHA256 (0x1301) is still being used.

I used Qualys SSL Labs Client Test (https://www.ssllabs.com/ssltest/viewMyClient.html), and saw that TLS_AES_128_GCM_SHA256 (0x1301) remains to be the most preferred cipher suite.

All TLS 1.3 connections, such as facebook.com and cloudflare.com, uses that particular AES-128 cipher suite.

Is this a feature or a bug?

Even after disabling all the 128-bit cipher suites in about:config, the cipher TLS_AES_128_GCM_SHA256 (0x1301) is still being used. I used Qualys SSL Labs Client Test (https://www.ssllabs.com/ssltest/viewMyClient.html), and saw that TLS_AES_128_GCM_SHA256 (0x1301) remains to be the most preferred cipher suite. All TLS 1.3 connections, such as facebook.com and cloudflare.com, uses that particular AES-128 cipher suite. Is this a feature or a bug?

Réiteach roghnaithe

See:

  • Bug 1490902 - TLS 1.3 Adds & Prioritizes 3 Cipher Suites with inferior security to TLS 1.2 Suites

(please do not comment in bug reports
https://bugzilla.mozilla.org/page.cgi?id=etiquette.html
)

Read this answer in context 👍 1

All Replies (1)

more options

Réiteach Roghnaithe

See:

  • Bug 1490902 - TLS 1.3 Adds & Prioritizes 3 Cipher Suites with inferior security to TLS 1.2 Suites

(please do not comment in bug reports
https://bugzilla.mozilla.org/page.cgi?id=etiquette.html
)