Mozilla 도움말 검색

고객 지원 사기를 피하세요. 저희는 여러분께 절대로 전화를 걸거나 문자를 보내거나 개인 정보를 공유하도록 요청하지 않습니다. "악용 사례 신고"옵션을 사용하여 의심스러운 활동을 신고해 주세요.

자세히 살펴보기

Why is firefox using the (presumably broken) RC4 128bit SSL encryption as highest priority default encryption?

  • 1 답장
  • 6 이 문제를 만남
  • 8 보기
  • 최종 답변자: cor-el

more options

128 bit encryption is no longer a real security deal. There are known attacks on RC4 and there is a warning from NIST to do not longer use it in a new product. Firefox uses an internal list on prefered cipher suites. Why does firefox do not request for 256 bit encryption as default (AES and Camellia) and in a second step, if negotiation with an outdated server fails, fall back to 128 bit encryption? I know the user can block 128bit from about:config, but why is such an insecure and outdated SSL encryption option the default behaviour?

128 bit encryption is no longer a real security deal. There are known attacks on RC4 and there is a warning from NIST to do not longer use it in a new product. Firefox uses an internal list on prefered cipher suites. Why does firefox do not request for 256 bit encryption as default (AES and Camellia) and in a second step, if negotiation with an outdated server fails, fall back to 128 bit encryption? I know the user can block 128bit from about:config, but why is such an insecure and outdated SSL encryption option the default behaviour?

모든 댓글 (1)

more options

You can disable the 128 bit RC4 ciphers by setting the related security.ssl3.* prefs to false.
If you need to visit a server that only works with an 128 cipher suite then you can enable one or two 128 SSL ciphers.
Note that some servers host CSS files on such servers with older server software.

  • security.ssl3.rsa_rc4_128_md5
  • security.ssl3.rsa_rc4_128_sha