Closed Bug 1133101 Opened 11 years ago Closed 11 years ago

SSLv3 warning is incorrect if SSLv3 is not the minimum version

Tracking

(Not tracked)

Status:

RESOLVED DUPLICATE of bug 1127339

People

(Reporter: rbarnes, Unassigned)

Details

Richard Barnes [:rbarnes]

Reporter

Description

•

11 years ago

STR: 1. security.tls.version.min = 3 2. openssl s_server -no_ssl3 -accept 8080 -key $KEY -cert $CERT 3. https://localhost:8080/ Behavior: "Nightly cannot guarantee the safety of your data on example.com because it uses SSLv3, a broken security protocol." Should be: A more general message that says that the version the protocol supports is not up the the configured minimum. We should probably keep the message as it is for now, but use a different message when the pref has been changed.

Masatoshi Kimura [:emk]

Updated

•

11 years ago

Status: NEW → RESOLVED

Closed: 11 years ago

Resolution: --- → DUPLICATE

Nobody; OK to take it and work on it

Assignee

Updated

•

9 years ago

Product: Core → Core Graveyard

You need to log in before you can comment on or make changes to this bug.

Bugzilla

SSLv3 warning is incorrect if SSLv3 is not the minimum version

Categories

(Core Graveyard :: Security: UI, defect)

Tracking

(Not tracked)

People

(Reporter: rbarnes, Unassigned)

References

Details

Crash Data

Security

(public)

User Story

Description

Updated

Updated