Strict SSL3 Configuration

Author(s):



This add-on toggles between default and strict configurations for security.ssl3 preferences.

In default mode, all preferences are reset to their default value, while in strict mode, only whitelisted preferences are activated.
Current behaviour is to avoid 128 bit ciphers (except for ECDHE), RC4 and ECDSA and to opt-in for secure SSL/TLS renegotiation.

Websites using only weak ciphers or unsafe renegotiation will fail to load.

Using stronger ciphers only will likely help your security posture but, if anonymity is important for you, please be aware that a website can more easily fingerprint your browser due to the reduced ciphers suite in use.

Extension source code available here: https://github.com/sid77/strict-ssl3-config .

Download files:

strict-ssl3-configuration-0.3.1-signed-linux.xpi
strict-ssl3-configuration-0.3.1-signed-mac.xpi
strict-ssl3-configuration-0.3.1-signed-windows.xpi
strict-ssl3-configuration-0.4.1-signed-linux.xpi
strict-ssl3-configuration-0.4.1-signed-mac.xpi
strict-ssl3-configuration-0.4.1-signed-windows.xpi
strict-ssl3-configuration-0.5.1.1-signed.xpi
strict-ssl3-configuration-0.5.2.xpi
strict-ssl3-configuration-0.6.0.xpi


This page is part of the LegacyCollector website.
Disclaimer: All material on this site is property of their respective owners and available under
open licenses to the best of our knowledge. If you are an author and would like anything removed,
then please write an e-mail to legacy [at] collector dot org.