Join the AMA (Ask Me Anything) with the Firefox leadership team to celebrate Firefox 20th anniversary and discuss Firefox’s future on Mozilla Connect. Mark your calendar on Thursday, November 14, 18:00 - 20:00 UTC!

This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Avatar for Username

সহায়তা খুঁজুন

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

আরও জানুন

এই থ্রেডটি সংরক্ষিত ছিল। যদি আপনি সাহায্য চান তাহলে অনুগ্রহ করে একটি নতুন প্রশ্ন জিজ্ঞাসা করুন

Disabling SSL3 ciphers for FIPS 140-2 compliance

  • 1 উত্তর
  • 4 এই সমস্যাটি আছে
  • 1 দেখুন
  • শেষ জবাব দ্বারা cor-el

mikeoes
mikeoes
more options

In your article "Configuring Firefox for FIPS 140-2" under "Step 3: Disable all the non-FIPS TLS cipher suites in about:config" - should not all the SSL3 cipher suites be disabled as well, e.g. the first "security.ssl3" cipher in the list is "security.ssl3.dhe_dss_aes_128_sha" and has a value of "true"?

In your article "Configuring Firefox for FIPS 140-2" under "Step 3: Disable all the non-FIPS TLS cipher suites in about:config" - should not all the SSL3 cipher suites be disabled as well, e.g. the first "security.ssl3" cipher in the list is "security.ssl3.dhe_dss_aes_128_sha" and has a value of "true"?

All Replies (1)

cor-el
cor-el
  • Moderator
  • Top 10 Contributor
more options

In step 1 you disabled SSL2 and SSL3, so there is no need to disable individual SSL3 ciphers.

See Configuring Firefox for FIPS 140-2