TLS 1.1?

Discussion of general topics about Seamonkey
Post Reply
User avatar
fixit7
Posts: 233
Joined: May 19th, 2015, 3:11 pm

TLS 1.1?

Post by fixit7 »

Does Seamonkey comply with these guidelines?

30 June 2018 is the deadline for disabling SSL/early TLS and implementing a more secure encryption protocol – TLS 1.1 or higher (TLS v1.2 is strongly encouraged) in order to meet the PCI Data Security Standard (PCI DSS) for safeguarding payment data.
User avatar
makaiguy
Posts: 16878
Joined: November 18th, 2002, 6:44 pm
Location: Somewhere in SE USA
Contact:

Re: TLS 1.1?

Post by makaiguy »

In about:config, set security.tls.version.min to 2 to prevent protocols lower than TLS 1.1 from being used.

Reference: http://kb.mozillazine.org/Security.tls.version.*
Doug Wilson
Win10 64bit: FF 115.0.02 64bit, TB 102.12.0 32-bit ║ Android 13/10: FF 115.2.0/115.0.1 ║ No TB for Android available, dammit!
What a fool believes he sees, no wise man has the power to reason away - Doobie Brothers
User avatar
fixit7
Posts: 233
Joined: May 19th, 2015, 3:11 pm

Re: TLS 1.1?

Post by fixit7 »

Thanks, I set it to 2.

I have general.useragent.override set to this because a site would not work with Seamonkey.

Mozilla/5.0 (X11; Linux i686; rv:58.0) Gecko/20100101 Firefox/58.0

Do I set it to go to a newer version?
User avatar
Frank Lion
Posts: 21173
Joined: April 23rd, 2004, 6:59 pm
Location: ... The Exorcist....United Kingdom
Contact:

Re: TLS 1.1?

Post by Frank Lion »

fixit7 wrote:Does Seamonkey comply with these guidelines?
Yep, already does without needing to do anything. Been OK for ages.

There are notes here - https://www.paypal.com/us/smarthelp/art ... er-faq3893

and their test site is here - https://www.sandbox.paypal.com/us/home
Please visit our sandbox site from each of your browsers. If the page loads, you are already upgraded.
Good to know what PayPal think, but personally I use this test site - https://www.ssllabs.com/ssltest/viewMyClient.html
"The only thing necessary for the triumph of evil, is for good men to do nothing." - Edmund Burke (attrib.)
.
User avatar
James
Moderator
Posts: 27999
Joined: June 18th, 2003, 3:07 pm
Location: Made in Canada

Re: TLS 1.1?

Post by James »

Firefox has supported TLS 1.2 by default since Firefox 27.0 Release (Feb 4, 2014) (or any SeaMonkey using Gecko 27.0 or later) as per Bug#861266

From Firefox 60 Release Notes:
On-by-default support for draft-23 of the TLS 1.3 specification
There are TLS settings prefs on the about:config page that specify the minimum and maximum TLS version.

security.tls.version.min = 1
security.tls.version.max = 4
1 means TLS 1.0
2 means TLS 1.1
3 means TLS 1.2 (default for max as of 27 to 59)
4 means TLS 1.3 (default for max as of 60)

http://kb.mozillazine.org/security.tls.version.*
User avatar
fixit7
Posts: 233
Joined: May 19th, 2015, 3:11 pm

Re: TLS 1.1?

Post by fixit7 »

Frank Lion wrote:
fixit7 wrote:Does Seamonkey comply with these guidelines?
Yep, already does without needing to do anything. Been OK for ages.

There are notes here - https://www.paypal.com/us/smarthelp/art ... er-faq3893

and their test site is here - https://www.sandbox.paypal.com/us/home
Please visit our sandbox site from each of your browsers. If the page loads, you are already upgraded.
Good to know what PayPal think, but personally I use this test site - https://www.ssllabs.com/ssltest/viewMyClient.html
thanks. I like the sslabs.com site.

The paypal test site did not work for me unless the sandbox site just loads a page. I could not log in there but could on their regular site.
User avatar
Frank Lion
Posts: 21173
Joined: April 23rd, 2004, 6:59 pm
Location: ... The Exorcist....United Kingdom
Contact:

Re: TLS 1.1?

Post by Frank Lion »

fixit7 wrote:The paypal test site did not work for me unless the sandbox site just loads a page. I could not log in there but could on their regular site.
Which is exactly what is supposed to happen for this simple test, unless you have also previously created Sandbox accounts - https://www.paypal.com/gb/smarthelp/art ... unt-ts1408

In fairness, PayPal do make it pretty clear what you have to do -
Please visit our sandbox site from each of your browsers. If the page loads, you are already upgraded.
"The only thing necessary for the triumph of evil, is for good men to do nothing." - Edmund Burke (attrib.)
.
User avatar
fixit7
Posts: 233
Joined: May 19th, 2015, 3:11 pm

Re: TLS 1.1?

Post by fixit7 »

Thanks for the clarification.
Post Reply