All users were logged out of Bugzilla on October 13th, 2018

SSLv3 warning is incorrect if SSLv3 is not the minimum version

RESOLVED DUPLICATE of bug 1127339

Status

RESOLVED DUPLICATE of bug 1127339
4 years ago
2 years ago

People

(Reporter: rbarnes, Unassigned)

Tracking

Firefox Tracking Flags

(Not tracked)

Details

(Reporter)

Description

4 years ago
STR:
1. security.tls.version.min = 3
2. openssl s_server -no_ssl3 -accept 8080 -key $KEY -cert $CERT
3. https://localhost:8080/

Behavior: 
"Nightly cannot guarantee the safety of your data on example.com because it uses SSLv3, a broken security protocol."

Should be:
A more general message that says that the version the protocol supports is not up the the configured minimum.

We should probably keep the message as it is for now, but use a different message when the pref has been changed.
Status: NEW → RESOLVED
Last Resolved: 4 years ago
Resolution: --- → DUPLICATE
Duplicate of bug: 1127339
(Assignee)

Updated

2 years ago
Product: Core → Core Graveyard
You need to log in before you can comment on or make changes to this bug.