user.js

Unnamed repository; edit this file 'description' to name the repository.
Log | Files | Refs | README
commit e95d2afc95e827a1712f9fc5d7847e637ae64770
parent 996e760f8cf34ab3db3ca92fe9ef38515d5be18a
Author: Thorin-Oakenpants <Thorin-Oakenpants@users.noreply.github.com>
Date:   Fri, 18 Aug 2017 13:58:30 +1200

1205: disable TLS1.3 0-RTT
Diffstat:

Muser.js | 4++++


1 file changed, 4 insertions(+), 0 deletions(-)

diff --git a/user.js b/user.js
@@ -687,6 +687,10 @@ user_pref("security.ssl.disable_session_identifiers", true); // (hidden pref)
 user_pref("security.ssl.errorReporting.automatic", false);
 user_pref("security.ssl.errorReporting.enabled", false);
 user_pref("security.ssl.errorReporting.url", "");
+/* 1205: disable TLS1.3 0-RTT (round-trip time) (FF51+)
+ * [1] https://github.com/tlswg/tls13-spec/issues/1001
+ * [2] https://blog.cloudflare.com/tls-1-3-overview-and-q-and-a/ ***/
+user_pref("security.tls.enable_0rtt_data", false); // (FF55+ default true)
 /** OCSP (Online Certificate Status Protocol)
     #Required reading [#] https://scotthelme.co.uk/revocation-is-broken/ ***/
 /* 1210: enable OCSP Stapling