Reseting about:config security.tls.version.min resets to wrong value
Categories
(Core :: Security: PSM, defect)
Tracking
()
People
(Reporter: nasamura, Unassigned)
Details
User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:74.0) Gecko/20100101 Firefox/74.0
Steps to reproduce:
- Set security.tls.version.min to 1 in about:config
(Possibly restart/reboot here. Haven't checked.) - Click reset on security.tls.version.min in about:config
Actual results:
It "resets" to 1 but it was 3 originally
Expected results:
It should reset to 3
|
||
Comment 1•5 years ago
|
||
Bugbug thinks this bug should belong to this component, but please revert this change in case of error.
|
||
Comment 2•5 years ago
|
||
What is the full version of Firefox that you're running? (see in about:support)
Version is 74.0
Build id is 20200309095159
|
|
||
Comment 4•5 years ago
|
||
Due to the pandemic we've delayed the deprecation of TLS 1.0 and 1.1. The mechanism we used to do that essentially set the default for that pref to 1 (i.e. TLS 1.0), so this is the expected behavior (unfortunately the only way bugzilla has to express "expected behavior" is with the status "invalid").
Default preferences can be set remotely? It was 3 the day before.
|
|
||
Comment 6•5 years ago
|
||
@nasamura This was handled as a hotfix to address a critical issue. 74 is the first release version to have 3 as the default setting. We uplifted a change to revert to 1 into Beta 75 (so that will go to release with "1") and pushed a pref-change to Release 74 to reset that specific preference default to 1. The release notes for 74 were updated to reflect that it was reverted and you can see the change in about:support.
I'm realizing we need to update our documentation to explain resetting a default pref-flip - it is the same high bar as hotfix add-ons, just lower technical risk than a hotfix add-on or full dot release update. https://wiki.mozilla.org/Features/Desktop/Add-on_hotfix.
Description
•