Update the SSL Preference Pane after bug 733642 changed preference names and semantics

RESOLVED WONTFIX

Status

Calendar
Preferences
RESOLVED WONTFIX
5 years ago
5 years ago

People

(Reporter: Ian Neal, Unassigned)

Tracking

Dependency tree / graph

Details

(Reporter)

Description

5 years ago
+++ This bug was initially created as a clone of Bug #861471 +++

Relevant Bugs:
FX Bug 733632 - Remove TLS version UI (Options > Advanced > Encryption > Protocols)
Core Bug 733642 - Allow the user to enable any version of TLS that libssl supports, maintaining our current defaults


Bug 733642
Removed:
> -pref("security.enable_ssl3",             true);
> -pref("security.enable_tls",		 true);

Added:
> +pref("security.tls.version.min", 0);
> +pref("security.tls.version.max", 1);

https://hg.mozilla.org/mozilla-central/rev/04dbe811e4a0#l3.26

> +  // 0 means SSL 3.0, 1 means TLS 1.0, 2 means TLS 1.1, etc.


From Bug 733632:

> tl;dr: Let's remove the "Protocols" option in Advanced encryption options 
> dialog box.
> 
> Right now, we have two checkboxes:
> 
>   [X] Use SSL 3.0   [X] Use TLS 1.0
> 
> We are adding support for TLS 1.1. When we add this support, we could add 
> another checkbox like this:
> 
>   [X] Use SSL 3.0   [X] Use TLS 1.0   [X] Use TLS 1.1
> 
> However, this would be confusing, because it is not possible to enable SSL 3.0 
> and TLS 1.1 without also enabling TLS 1.0; the range of enabled versions must 
> be contiguous, so only the following choices would be valid:
> 
>   [X] Use SSL 3.0   [X] Use TLS 1.0   [X] Use TLS 1.1
>   [X] Use SSL 3.0   [X] Use TLS 1.0   [ ] Use TLS 1.1
>   [ ] Use SSL 3.0   [X] Use TLS 1.0   [X] Use TLS 1.1
>   [X] Use SSL 3.0   [ ] Use TLS 1.0   [ ] Use TLS 1.1
>   [ ] Use SSL 3.0   [X] Use TLS 1.0   [ ] Use TLS 1.1
>   [ ] Use SSL 3.0   [ ] Use TLS 1.0   [X] Use TLS 1.1
> 
> Note also that the current UI lets us do this:
> 
>   [ ] Use SSL 3.0   [ ] Use TLS 1.0
> 
> which is nonsense, because at least one version must be enabled to do anything 
> sensible.
> 
> We will have compatibility features implemented so that basically will really 
> need to toggle these prefs, except experts. Therefore, I think about:config is 
> a sufficient UI for controlling this feature.

See Bug 733632 for other proposed UI.

Comment 1

5 years ago
Is this actually relevant for Lightning? I'm not using it myself, but I can't find the "Encryption" tab where the boxes are supposed to be provided.

For SeaMonkey, bug 861471 provides the UI needed to modify those prefs, and they should be applicable to all protocols. Only Thunderbird would be affected as it doesn't provide any UI for the encryption protocols by itself.
Flags: needinfo?(ssitter)

Comment 2

5 years ago
Sunbird is currently scheduled to be removed from the comm-central tree leaving only those files relevant to Lightning. So I don't think this bug is useful/valid
Sunbird code was removed from tree, bug is no longer required.
Status: NEW → RESOLVED
Last Resolved: 5 years ago
Flags: needinfo?(ssitter)
Resolution: --- → WONTFIX
You need to log in before you can comment on or make changes to this bug.