I'm not sure we're using older protocols. See https://browserleaks.com/tls to confirm.

I'm not sure we're using older protocols. See https://browserleaks.com/tls to confirm.

Thanks, I had forgotten about that website, so useful. It doesn't show anything at all about SSL, so I suppose it's not active? It only shows TSL and it says that 1.2 and 1.3 are enabled, while the older ones aren't. Now, does this mean that Firefox can bypass the system wide settings? I mean, I have 1.2 disabled system wide... Anyway where it says "handshake" it says 1.3, so I guess this means that although 1.2 is enabled the active one is 1.3?

An off topic question which I don't think it's worth opening a new thread for, I had a look at the other things that browserleaks offer and in the canvas test it says 100% unique in their database. Is this how it is supposed to be to avoid fingerprinting? Is uniqueness not a bad thing for fingerprinting, which helps them identify you? And if so, how is this happening when I have the Enhanced Tracking Protection in FF in Custom with all cross sites cookies disabled and the tracking and fingerprinting option in "in all windows", and CanvasBlocker on top of that (although in the Stealth preset, which maybe doesn't block all fingerprinting in exchange for making it more difficult to spot that you are using anti-fingerprint, but still, it should not suck so much to make me 100% unique).

Thanks

Just to know, are comments in this place held for review before they are posted? Because my reply to you disappeared after I sent it. So, this comment is also a test, if I see it posted immediately that's already an answer, although I still wouldn't know why the previous one wasn't posted. Hmm...

Ah, ok, so, this was posted, so I have no idea what happened to the previous one.

Ok, then, again:

thanks for the reply, I had forgotten about that website, super helpful.

So, supposedly it should show info about SSL and TSL but it wasn't saying anything about SSL. Does that mean that it's not even present or what?

About TLS it was saying that 1.2 and 1.3 are enabled, 1.0 and 1.1 are not. Now the question would be, does this mean that Firefox "bypass" the system wide settings? I mean, I have TLS 1.2 completely disabled system wide... Anyway, where it says "handshake" it shows 1.3. Am I correct to assume that this means that the active protocol is 1.3 and that 1.2 will only be used when a website can't do otherwise? Which bring to the next question: what happened to "1.3 is backwards compatible with 1.2"?

Oki, thanks :)

Firefox uses prefs in about:config to set maximum and the minimum TLS version (3:TLS 1.2; 4:TLS 1.3).

• security.tls.version.max (4)
• security.tls.version.min (3)

• https://support.mozilla.org/en-US/kb/about-config-editor-firefox

Note that Firefox comes with security.tls.version.enable-deprecated to enable TLS 1.0 and 1.1.

The TLS 1.1, 1.0 has been disabled by default since Firefox 78.0 and the option to enable TLS 1.0 and 1.1 was removed from the error page in Firefox 97.

https://hacks.mozilla.org/2020/02/its-the-boot-for-tls-1-0-and-tls-1-1/ https://www.mozilla.org/firefox/78.0/releasenotes/

We have disabled TLS 1.0 and TLS 1.1 to improve your website connections. Sites that don't support TLS version 1.2 will now show an error page.

Just to know, are comments in this place held for review before they are posted? Because my reply to you disappeared after I sent it. So, this comment is also a test, if I see it posted immediately that's already an answer, although I still wouldn't know why the previous one wasn't posted. Hmm

For non trusted contributors if you have a link in your reply that is not of a short whitelisted list of sites then it will likely get hidden as spam and needing approval. We have to do this as spammers do post spam links in their replies, often hidden with a period or comma so they may get missed if not for the auto-flag. Also just so you know, try not to use three of more periods like ... as it may trigger the auto flag of reply as spam.