If I have TLS 1.0,1.1, and 1.2 checked off, will my browser use the most secure version whenever it connnects?
Thanks.
TLS use
-
- Posts: 1361
- Joined: December 15th, 2015, 1:20 pm
Re: TLS use
no. TLS 1.3 is disabled by default for now in SeaMonkey 2.49. Let TLS 1.1 and TLS 1.2 be checked.
- James
- Moderator
- Posts: 28005
- Joined: June 18th, 2003, 3:07 pm
- Location: Made in Canada
Re: TLS use
Firefox 59.0 and later supports TLS 1.3 though 60.0 has it enabled by default. https://www.mozilla.org/firefox/60.0/releasenotes/
Firefox has supported TLS 1.2 by default since Firefox 27.0 Release (Feb 4, 2014) (or any SeaMonkey using Gecko 27.0 or later) as per Bug#861266
Firefox has supported TLS 1.2 by default since Firefox 27.0 Release (Feb 4, 2014) (or any SeaMonkey using Gecko 27.0 or later) as per Bug#861266
- therube
- Posts: 21714
- Joined: March 10th, 2004, 9:59 pm
- Location: Maryland USA
Re: TLS use
(Presumably) a browser will negotiate the highest security level available?
While you may not want to use a lessor level, there are still sites about that still don't support higher levels, so if you disable the lower levels, you also won't be able to load those sites. (If that is not a concern...)
Likewise, the number of sites supporting 1.3, the uptake of 1.3 would be limited at this time, so by not having it enabled, presently, isn't such a big concern. (And obviously that will change over time.)
While you may not want to use a lessor level, there are still sites about that still don't support higher levels, so if you disable the lower levels, you also won't be able to load those sites. (If that is not a concern...)
Likewise, the number of sites supporting 1.3, the uptake of 1.3 would be limited at this time, so by not having it enabled, presently, isn't such a big concern. (And obviously that will change over time.)
Fire 750, bring back 250.
Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.19) Gecko/20110420 SeaMonkey/2.0.14 Pinball CopyURL+ FetchTextURL FlashGot NoScript
Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.19) Gecko/20110420 SeaMonkey/2.0.14 Pinball CopyURL+ FetchTextURL FlashGot NoScript
-
- Posts: 8779
- Joined: May 7th, 2007, 12:07 pm
Re: TLS use
If I set TLS max in about:config to 4 (which would be for 1.3), will SeaMonkey simply ignore that, or use 1.3?
-
- Posts: 1361
- Joined: December 15th, 2015, 1:20 pm
Re: TLS use
It should work but I am not sure what was the cause leading to disabling it. We disabled it following Fx 52. I think at this time there was a potential security problem with it and not sure if code changed in later Gecko releases.
https://bugzilla.mozilla.org/show_bug.cgi?id=1342082
https://bugzilla.mozilla.org/show_bug.cgi?id=1342752
https://bugzilla.mozilla.org/show_bug.cgi?id=1342082
https://bugzilla.mozilla.org/show_bug.cgi?id=1342752