From 58f127c1d5f8c89b9e55803701f734756d1cfa2a Mon Sep 17 00:00:00 2001
From: Ruben Rodriguez <ruben@gnu.org>
Date: Wed, 24 Jun 2015 20:16:13 +0200
Subject: The logjam attack [https://weakdh.org/] allows an attacker to
 impersonate servers that support weak keys. This change implements
 https://addons.mozilla.org/en-US/firefox/addon/disable-dhe/

---
 data/settings.js | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/data/settings.js b/data/settings.js
index 8f48486..7356840 100644
--- a/data/settings.js
+++ b/data/settings.js
@@ -183,3 +183,9 @@ pref("pfs.filehint.url", "http://gnuzilla.gnu.org/plugins/PluginFinderService.ph
 pref("keyword.URL", "https://duckduckgo.com/html?t=gnu&q=!+");
 pref("browser.search.defaultenginename", "DuckDuckGo");
 pref("browser.search.order.extra.duckduckgo", "DuckDuckGo");
+
+// https://directory.fsf.org/wiki/Disable_DHE
+pref("security.ssl3.dhe_rsa_aes_128_sha", false);
+pref("security.ssl3.dhe_rsa_aes_256_sha", false);
+pref("security.ssl3.dhe_dss_aes_128_sha", false);
+pref("security.ssl3.dhe_rsa_des_ede3_sha", false);
-- 
cgit v1.2.3