The logjam attack [https://weakdh.org/] allows an attacker to impersonate servers that support weak keys. This change implements https://addons.mozilla.org/en-US/firefox/addon/disable-dhe/

author: Ruben Rodriguez <ruben@gnu.org> 2015-06-24 20:16:13 +0200
committer: Ruben Rodriguez <ruben@gnu.org> 2015-06-24 20:16:13 +0200
commit: 58f127c1d5f8c89b9e55803701f734756d1cfa2a (patch)
tree: 807636d90a64e17f578de621198179eb3bdf7596 /data/settings.js
parent: fcf451a30770779086a854baa89aada6620c1908 (diff)
1 files changed, 6 insertions, 0 deletions
diff --git a/data/settings.js b/data/settings.js
index 8f48486..7356840 100644
--- a/data/settings.js
+++ b/data/settings.js
@@ -183,3 +183,9 @@ pref("pfs.filehint.url", "http://gnuzilla.gnu.org/plugins/PluginFinderService.ph
 pref("keyword.URL", "https://duckduckgo.com/html?t=gnu&q=!+");
 pref("browser.search.defaultenginename", "DuckDuckGo");
 pref("browser.search.order.extra.duckduckgo", "DuckDuckGo");
+
+// https://directory.fsf.org/wiki/Disable_DHE
+pref("security.ssl3.dhe_rsa_aes_128_sha", false);
+pref("security.ssl3.dhe_rsa_aes_256_sha", false);
+pref("security.ssl3.dhe_dss_aes_128_sha", false);
+pref("security.ssl3.dhe_rsa_des_ede3_sha", false);
author	Ruben Rodriguez <ruben@gnu.org>	2015-06-24 20:16:13 +0200
committer	Ruben Rodriguez <ruben@gnu.org>	2015-06-24 20:16:13 +0200
commit	58f127c1d5f8c89b9e55803701f734756d1cfa2a (patch)
tree	807636d90a64e17f578de621198179eb3bdf7596 /data/settings.js
parent	fcf451a30770779086a854baa89aada6620c1908 (diff)