From Mozilla Firefox Security Technical Implementation Guide
Part of DTBF030 - Firefox Preferences TLS Protocols
Associated with: CCI-002450
Use of versions prior to TLS 1.1 are not permitted. SSL 2.0 and SSL 3.0 contain a number of security flaws. These versions must be disabled in compliance with the Network Infrastructure and Secure Remote Computing STIGs.
Open a browser window, type "about:config" in the address bar. Verify Preference Name "security.enable_tls" is set to the value "true" and locked. Verify Preference Name "security.tls.version.min" is set to the value "2" and locked. Verify Preference Name "security.tls.version.max" is set to the value "3" and locked. Criteria: If the parameters are set incorrectly, then this is a finding. If the settings are not locked, then this is a finding.
Configure the following parameters using the Mozilla.cfg file: LockPref "security.enable_tls" is set to "true". LockPref "security.tls.version.min" is set to "2". LockPref "security.tls.version.max" is set to "3".
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer