Important Notice: We're experiencing email notification issues. If you've posted a question in the community forums recently, please check your profile manually for responses while we're working to fix this.

On Monday the 3rd of March, around 5pm UTC (9am PT) users may experience a brief period of downtime while one of our underlying services is under maintenance.

Avatar for Username

Vyhľadajte odpoveď

Vyhnite sa podvodom s podporou. Nikdy vás nebudeme žiadať, aby ste zavolali alebo poslali SMS na telefónne číslo alebo zdieľali osobné informácie. Nahláste prosím podozrivú aktivitu použitím voľby “Nahlásiť zneužitie”.

Ďalšie informácie

Táto téma bola archivovaná. Ak potrebujete pomôcť, založte prosím novú otázku.

Disabling SSL3 ciphers for FIPS 140-2 compliance

  • 1 odpoveď
  • 4 majú tento problém
  • 6 zobrazení
  • Posledná odpoveď od cor-el

mikeoes
mikeoes
more options

In your article "Configuring Firefox for FIPS 140-2" under "Step 3: Disable all the non-FIPS TLS cipher suites in about:config" - should not all the SSL3 cipher suites be disabled as well, e.g. the first "security.ssl3" cipher in the list is "security.ssl3.dhe_dss_aes_128_sha" and has a value of "true"?

In your article "Configuring Firefox for FIPS 140-2" under "Step 3: Disable all the non-FIPS TLS cipher suites in about:config" - should not all the SSL3 cipher suites be disabled as well, e.g. the first "security.ssl3" cipher in the list is "security.ssl3.dhe_dss_aes_128_sha" and has a value of "true"?

Všetky odpovede (1)

cor-el
cor-el
  • Top 25 Contributor
  • Moderator
more options

In step 1 you disabled SSL2 and SSL3, so there is no need to disable individual SSL3 ciphers.

See Configuring Firefox for FIPS 140-2