TLS 1.0 and 1.1 are now disabled upstream (see #11154 (closed)), but TLS 1.2 contains cipher suites using SHA-1 (_SHA). We can think about disabling those due to the known weakness of SHA-1.
this may be a duplicate of #32796 (closed) - but as I'm going through this, I see there is pretty much nothing in common with the lists. What is the purpose of this ticket?
that list above looks rather long and we do not want to be flipping 15 prefs - shit WILL break [and I am not a cipher expert]
https://browserleaks.com/ssl seems to be down or no longer maintained: but from memory they listed a bunch of ciphers as "non-modern" - I think it's these ones
So, yes, anything ending in CBC_SHA we can enforce as false. Your list has NONE of these listed. these six are in your list (damnit, the prefs don't contain cbc)
The other two ciphers that at least arkenfox has mentioned in the past as somewhat weak are these two, because they have no perfect forward secrecy - these two ARE in your list
// no telemetry
- : n/a : TLS_RSA_WITH_AES_128_GCM_SHA256
- : n/a : TLS_RSA_WITH_AES_256_GCM_SHA384
// user_pref("security.ssl3.rsa_aes_128_gcm_sha256", false); // no PFS
// user_pref("security.ssl3.rsa_aes_256_gcm_sha384", false); // no PFS
So that's it. I agree we can likely disable SIX prefs based on telemetry and being really old, and maybe TWO more prefs (but we lack telemetry). All the rest sounds like you just want to break encryption (IANAExpert on ciphers but there will be a reason they are true by default)
edit: updated to correct that all eight are in richard's list
sorry if I misinterpreted what the list was for. If that is the complete list of all prefs, then yes, anything ending in _sha = eight prefs (two of which are default false) = which leaves the six "non-modern" ciphers all of which we have telemetry for and all of which are super low usage and we should be able to flip given telemetry
for the record and patch (but you should double check, these names/strings are somewhat convoluted/easy-to-mix-up)
That's not an issue, because we've been locking security.tls.version.enable-deprecated to false (which overrides the deprecated cyphersuite prefs) for ~10 years now.
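The naming rules discussed in this thread (a pref ending in `_sha` means a SHA-1 MAC, a pref starting with `rsa_` means no forward secrecy) can be checked mechanically against a prefs file. The following is an added example, not part of the thread or of any project's code; the function name and the sample file are constructed, and it only sees prefs set explicitly in the file, not browser defaults.

```javascript
// Audit active user_pref() lines for security.ssl3.* cipher prefs.
//   name ends in "_sha"     -> SHA-1 based MAC (must NOT match _sha256 / _sha384)
//   name starts with "rsa_" -> RSA key exchange, no perfect forward secrecy
// Anchored at line start, so commented-out "// user_pref(...)" lines never match.
const PREF_RE =
  /^\s*user_pref\(\s*"(security\.ssl3\.[^"]+)"\s*,\s*(true|false)\s*\)\s*;/;

function auditCipherPrefs(userJsText) {
  const findings = [];
  let inBlock = false; // inside a /* ... */ comment
  for (const line of userJsText.split(/\r?\n/)) {
    if (inBlock) { if (line.includes("*/")) inBlock = false; continue; }
    if (/^\s*\/\*/.test(line)) { inBlock = !line.includes("*/"); continue; }
    const m = PREF_RE.exec(line);
    if (!m) continue;
    const [, pref, value] = m;
    const suite = pref.slice("security.ssl3.".length);
    const reasons = [];
    if (/_sha$/.test(suite)) reasons.push("SHA-1 MAC");
    if (/^rsa_/.test(suite)) reasons.push("no PFS");
    // Only report suites that are flagged AND still enabled.
    if (reasons.length > 0 && value === "true") findings.push({ pref, reasons });
  }
  return findings;
}

// Constructed sample input (not taken from the thread).
const SAMPLE_USER_JS = `
user_pref("security.ssl3.ecdhe_rsa_aes_128_sha", true);
user_pref("security.ssl3.ecdhe_ecdsa_aes_128_sha", false);
user_pref("security.ssl3.rsa_aes_128_sha", true);
user_pref("security.ssl3.rsa_aes_128_gcm_sha256", true);
// user_pref("security.ssl3.rsa_aes_256_gcm_sha384", false); // no PFS
/* user_pref("security.ssl3.rsa_aes_256_sha", true); */
user_pref("security.ssl3.ecdhe_rsa_aes_128_gcm_sha256", true);
`;

for (const f of auditCipherPrefs(SAMPLE_USER_JS)) {
  console.log(`${f.pref} still enabled: ${f.reasons.join(", ")}`);
}
```

A pref that is absent or commented out keeps whatever the browser default is, so an empty result does not by itself mean the suites are disabled.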