Closed
Bug 1385927
Opened 7 years ago
Closed 7 years ago
Disable TLS 1.3 by default for FF 55
Categories
(Core :: Security: PSM, defect)
Core
Security: PSM
Tracking
()
RESOLVED
FIXED
mozilla55
People
(Reporter: ekr, Assigned: ekr)
References
Details
Attachments
(1 file)
|
2.44 KB,
text/plain
|
jcristau
:
approval-mozilla-beta+
jcristau
:
approval-mozilla-release+
|
Details |
+++ This bug was initially created as a clone of Bug #1368599 +++
Oops, we now need to disable this for FF 55 (we desperately need a pref that distinguishes beta and release).
The same patch will work.
|
Assignee | |
Comment 1•7 years ago
|
||
|
|
Assignee | |
Updated•7 years ago
|
Flags: needinfo?(lhenry)
Flags: needinfo?(dkeeler)
|
|
Assignee | |
Comment 2•7 years ago
|
||
Comment on attachment 8892055 [details]
attachment.txt
[Feature/Bug causing the regression]: bug 1310516 enabled TLS 1.3 by default
[User impact if declined]: interoperability concerns, iiuc
[Is this code covered by automated tests?]: yes
[Has the fix been verified in Nightly?]: no - this is for 55 only
[Needs manual test from QE? If yes, steps to reproduce]: no, but you could test by going to https://www.cloudflare.com/, opening the page info dialog, going to the security tab, and checking that under "Technical Details" it says TLS 1.2 and not TLS 1.3
[List of other uplifts needed for the feature/fix]: none
[Is the change risky?]: no
[Why is the change risky/not risky?]: it just changes the default to a previously-known good value
[String changes made/needed]: none
Attachment #8892055 -
Flags: approval-mozilla-release?
|
||
Updated•7 years ago
|
status-firefox55:
--- → affected
tracking-firefox55:
--- → blocking
|
|
||
Comment 3•7 years ago
|
||
Comment on attachment 8892055 [details]
attachment.txt
go back to tls 1.2 for 55 rc1, as we've done in previous releases
Does this need an r+ from David?
Flags: needinfo?(lhenry)
Attachment #8892055 -
Flags: approval-mozilla-release?
Attachment #8892055 -
Flags: approval-mozilla-release+
Attachment #8892055 -
Flags: approval-mozilla-beta+
|
|
Assignee | |
Comment 4•7 years ago
|
||
It's the same patch, so I think if we QA double-check it we should be fine.
|
|
Assignee | |
Comment 5•7 years ago
|
||
This worked in local testing.
|
||
Comment 6•7 years ago
|
||
https://hg.mozilla.org/releases/mozilla-beta/rev/116b3910f1c7
https://hg.mozilla.org/releases/mozilla-release/rev/116b3910f1c7
Assignee: nobody → ekr
Status: NEW → RESOLVED
Closed: 7 years ago
Flags: needinfo?(dkeeler)
Resolution: --- → FIXED
Target Milestone: --- → mozilla55
|
||
Comment 7•7 years ago
|
||
Noticed this improvement:
== Change summary for alert #8534 (as of July 31 2017 16:31 UTC) ==
Improvements:
6% tp5o Main_RSS linux64 opt e10s 168,840,115.76 -> 159,393,665.47
For up to date results, see: https://treeherder.mozilla.org/perf.html#/alerts?id=8534
|
|
Assignee | |
Comment 8•7 years ago
|
||
I suspect you are on the wrong bug here.
|
|
||
Comment 9•7 years ago
|
||
You are right: comment7 is invalid. I got confused by a data point.
:ekr Thanks for pointing this out!
You need to log in
before you can comment on or make changes to this bug.
Description
•