[Mozilla Enterprise] Firefox 76ff - Disabled Ciphers Policy

[Mike Kaply]

Yeah, what Wes said is correct. We had folks ask if we could allow them to
disable ciphers earlier than we do.

Mike

On Mon, May 25, 2020 at 2:35 AM Wes Kocher <kwierso at gmail.com> wrote:

> My understanding is that the policy values correspond to their preference
> equivalents (they start with `security.ssl3.` in about:config).
>
> Firefox itself will be disabling the insecure ciphers by default as time
> passes, but these policies can control that for enterprises that still need
> to use those ciphers internally.
>
> On Sun, May 24, 2020 at 10:48 PM Kahle, Markus <
> markus.kahle at brueckmann-gmbh.de> wrote:
>
>> Hi,
>>
>> found this new "Disabled Ciphers" option and I wonder if I have to
>> configure any settings in this policy.
>> Isn't firefox itself limiting access to old, insecure ciphers
>> combinations, or do I have to configure this by myself now this policy
>> option is present ?
>> Apart from that, are there any recommended settings for this policy to
>> extend security ?
>>
>> Thanks,
>>
>> Markus
>> _______________________________________________
>> Enterprise mailing list
>> Enterprise at mozilla.org
>> https://mail.mozilla.org/listinfo/enterprise
>>
>> To unsubscribe from this list, please visit
>> https://mail.mozilla.org/listinfo/enterprise or send an email to
>> enterprise-request at mozilla.org with a subject of "unsubscribe"
>>
> _______________________________________________
> Enterprise mailing list
> Enterprise at mozilla.org
> https://mail.mozilla.org/listinfo/enterprise
>
> To unsubscribe from this list, please visit
> https://mail.mozilla.org/listinfo/enterprise or send an email to
> enterprise-request at mozilla.org with a subject of "unsubscribe"
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.mozilla.org/pipermail/enterprise/attachments/20200525/b961876a/attachment.html>