Confirm
563
edits
Changes
→security.ssl.require_safe_negotiation
If set to true, a Mozilla client will reject all connection attempts to servers that are still using the old SSL/TLS protocol and which might be vulnerable to the attack.
Setting this preference to “true” is the only way to guarantee full protection against the attack. Unfortunately, as of time of writing, this would break nearly all secure sites on the web. Update: As of December, this still applies for a majority of web sites.
Eventually, if enough sites have been upgraded to the new protocol versions, this preference will be set to “true” by default.
