We're calling on all EU-based Mozillians with iOS or iPadOS devices to help us monitor Apple’s new browser choice screens. Join the effort to hold Big Tech to account!

Avatar for Username

Pretraži podršku

Izbjegni prevare podrške. Nikad te nećemo tražiti da nas nazoveš, da nam pošalješ telefonski broj ili da podijeliš osobne podatke. Prijavi sumnjive radnje pomoću opcije „Prijavi zlouporabu”.

Saznaj više

Ova tema je arhivirana. Postavi novo pitanje ako trebaš pomoć.

Why "Firefox recommends that you don't enter ...information on this web" what is wrong on SHA256 site cert and how to get rid of the notice

  • 1 odgovor
  • 1 ima ovaj problem
  • 6 prikaza
  • Posljednji odgovor od philipp

jiri.rohlicek
jiri.rohlicek
more options

FF started warn me on some sites showing message: "Firefox recommends that you don't enter your password, credit card and other personal information on this web" and recommends "Don't trust this website". OK, certificate is valid, SHA256 encrypted, but, "Broken Encryption (TLS_RSA_WITH_RC4_128_SHA, 128 bit keys, TLS 1.2)" How can I get rid of the message, if I have to use the server and I have no possibility to change its encryption strenghts as it is not server of mine?

Thanks

Jiří Rohlíček

FF started warn me on some sites showing message: "Firefox recommends that you don't enter your password, credit card and other personal information on this web" and recommends "Don't trust this website". OK, certificate is valid, SHA256 encrypted, but, "Broken Encryption (TLS_RSA_WITH_RC4_128_SHA, 128 bit keys, TLS 1.2)" How can I get rid of the message, if I have to use the server and I have no possibility to change its encryption strenghts as it is not server of mine? Thanks Jiří Rohlíček

Izabrano rješenje

hi, the rc4 cipher suite can no longer be considered state of the art and doesn't provide a decent level of security anymore - therefore firefox will warn you on affected sites (i am not sure what benefit it would have for you if this information is withhold from you): https://blog.mozilla.org/security/2015/09/11/deprecating-the-rc4-cipher/

Pročitaj ovaj odgovor u kontekstu 👍 0

Svi odgovori (1)

philipp
philipp
  • Moderator
more options

Odabrano rješenje

hi, the rc4 cipher suite can no longer be considered state of the art and doesn't provide a decent level of security anymore - therefore firefox will warn you on affected sites (i am not sure what benefit it would have for you if this information is withhold from you): https://blog.mozilla.org/security/2015/09/11/deprecating-the-rc4-cipher/