Closed Bug 1107787 Opened 5 years ago Closed 5 years ago

Disable TLS_DHE_DSS_WITH_AES_128_CBC_SHA support

Categories

(Core :: Security: PSM, defect)

Product:
Core
Component:
Security: PSM
Type:
defect
Priority:
Not set

Tracking

()

Status:
RESOLVED FIXED
Milestone:
mozilla37

People

(Reporter: emk, Assigned: briansmith)

References

Details

(Keywords: site-compat, Whiteboard: [parity-Chrome])

Attachments

(1 file)

remove-last-dss-cipher-suites.patch
2.29 KB, patch
keeler
: review+
Details | Diff | Splinter Review 
According to bug 970254 comment #11, Chrome will also drop the support soon.
Assignee: nobody → brian
Status: NEW → ASSIGNED
Target Milestone: --- → mozilla37
This patch disables the cipher suite by switching the default value of the pref. If/when this lands, I'll file a follow-up bug for removing the pref, just like we've done for other disabled/removed cipher suites.
Attachment #8532365 - Flags: review?(dkeeler)
The compatibility impact information is in bug 1073867 comment 2. Should be minimal, especially considering Chrome's changes.
Keywords: site-compat
This needs to be applied on top of the patch for bug 1037098 to avoid merge conflicts.
Keywords: checkin-needed
Whiteboard: [parity-Chrome] → [parity-Chrome][apply on top of bug 1037098]
https://hg.mozilla.org/mozilla-central/rev/526bb391ba63
Status: ASSIGNED → RESOLVED
Closed: 5 years ago
Resolution: --- → FIXED
Whiteboard: [parity-Chrome][apply on top of bug 1037098] → [parity-Chrome]
You need to log in before you can comment on or make changes to this bug.