711335 - Update SSL help after SSL 2.0 removal

Status: RESOLVED FIXED

(SeaMonkey :: Help Documentation, defect)

Description

[Serge Gautherie (:sgautherie)]

Edit > Preferences... > Privacy & Security > SSL > Help :
"You should normally leave these three checkboxes selected [...]"

There are 2 checkboxes only: 'SSL 3' and 'TLS'.

It looks like 'SSL Protocol Versions' help was not updated when SSL 2.0 support was removed.

***

Moreover, I assume this help is a little misleading:
I assume fallback from TLS (1.0) to SSL 3.0 happens only if both are enabled...

Comment 1

[Serge Gautherie (:sgautherie)]

(In reply to Serge Gautherie (:sgautherie) from comment #0)
> I assume fallback from TLS (1.0) to SSL 3.0 happens only if both are
> enabled...

Kai, could you confirm how (PSM+)NSS actually behaves?

Comment 2

[Jens Hatlak (:InvisibleSmiley)]

Kai, ping? If you cannot confirm either way, maybe you can provide us with a test case?

Comment 3

[Kai Engert (:KaiE:)]

SSL 2 should no longer be mentioned in the help instructions.

Comment 4

[Serge Gautherie (:sgautherie)]

(In reply to Kai Engert (:kaie) from comment #3)
> SSL 2 should no longer be mentioned in the help instructions.

Yeah, but the question was wrt to TLS<->SSL setting dependence (or not).

Comment 5

[Jens Hatlak (:InvisibleSmiley)]

(In reply to Kai Engert (:kaie) from comment #3)
> SSL 2 should no longer be mentioned in the help instructions.

He, yes, we agree there. :-)

The question was not regarding the summary of this bug but regarding comment 1: Does TLS (security.enable_tls = true) fall back to SSL 3 if SSL 3 is not enabled through preferences (security.enable_ssl3 = false)?

Comment 6

[Kai Engert (:KaiE:)]

If SSL 3 is disabled, we will not fall back to SSL 3.

Comment 7

[Jens Hatlak (:InvisibleSmiley)]

Fixed through bug 711334.