alexander.schaeferdiek/privacy
1
0
Fork 0
Code Activity

Adapt to latest TLS changes

Browse source
This commit is contained in:
Alexander Schäferdiek 2020-09-14 19:32:07 +02:00
parent 48ecba99a7
commit 13afe82513
1 changed files with 13 additions and 12 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

25
thunderbird/user.js
View file

@ -89,27 +89,28 @@ user_pref("rss.display.prefer_plaintext", true);
user_pref("rss.show.content-base", 1); user_pref("rss.show.content-base", 1);
user_pref("security.family_safety.mode", 0); user_pref("security.family_safety.mode", 0);
user_pref("security.cert_pinning.enforcement_level", 2); user_pref("security.cert_pinning.enforcement_level", 2);
user_pref("security.mixed_content.block_display_content", false); user_pref("security.mixed_content.block_display_content", true);
user_pref("security.mixed_content.upgrade_display_content", true); user_pref("security.mixed_content.upgrade_display_content", true);
user_pref("security.mixed_content.block_active_content", true); user_pref("security.mixed_content.block_active_content", true);
user_pref("security.OCSP.enabled", 0); user_pref("security.OCSP.enabled", 0);
user_pref("security.ssl.require_safe_negotiation", true); user_pref("security.ssl.require_safe_negotiation", true);
user_pref("security.ssl.treat_unsafe_negotiation_as_broken", true); user_pref("security.ssl.treat_unsafe_negotiation_as_broken", true);
user_pref("security.tls.version.min", 3); user_pref("security.tls.version.min", 4);
// enable all below instead of the above min 4 if your mail provider doesn't support TLS v1.3 only
// user_pref("security.tls.version.min", 3);
// user_pref("security.ssl3.dhe_rsa_aes_128_sha", false);
// user_pref("security.ssl3.dhe_rsa_aes_256_sha", false);
// user_pref("security.ssl3.ecdhe_ecdsa_aes_128_sha", false);
// user_pref("security.ssl3.ecdhe_ecdsa_aes_256_sha", false);
// user_pref("security.ssl3.ecdhe_rsa_aes_128_sha", false);
// user_pref("security.ssl3.ecdhe_rsa_aes_256_sha", false);
// user_pref("security.ssl3.rsa_aes_128_sha", false);
// user_pref("security.ssl3.rsa_aes_256_sha", false);
// user_pref("security.ssl3.rsa_des_ede3_sha", false);
user_pref("purple.logging.log_chats", false); user_pref("purple.logging.log_chats", false);
user_pref("purple.logging.log_ims", false); user_pref("purple.logging.log_ims", false);
user_pref("purple.logging.log_system", false); user_pref("purple.logging.log_system", false);
user_pref("purple.conversations.im.send_typing", false); user_pref("purple.conversations.im.send_typing", false);
user_pref("privacy.firstparty.isolate", true); user_pref("privacy.firstparty.isolate", true);
user_pref("security.ssl3.dhe_rsa_aes_128_sha", false);
user_pref("security.ssl3.dhe_rsa_aes_256_sha", false);
user_pref("security.ssl3.ecdhe_ecdsa_aes_128_sha", false);
user_pref("security.ssl3.ecdhe_ecdsa_aes_256_sha", false);
user_pref("security.ssl3.ecdhe_rsa_aes_128_sha", false);
user_pref("security.ssl3.ecdhe_rsa_aes_256_sha", false);
user_pref("security.ssl3.rsa_aes_128_sha", false);
user_pref("security.ssl3.rsa_aes_256_sha", false);
user_pref("security.ssl3.rsa_des_ede3_sha", false);
user_pref("network.trr.resolvers", '[{ "name": "Cloudflare", "url": "https://mozilla.cloudflare-dns.com/dns-query" },{ "name": "NextDNS", "url": "https://trr.dns.nextdns.io/" },{ "name": "dnsforge.de", "url": "https://dnsforge.de/dns-query" },{ "name": "Digitale Gesellschaft (CH)", "url": "https://dns.digitale-gesellschaft.ch/dns-query" }, { "name": "Freifunk Muenchen", "url": "https://doh.ffmuc.net" }, { "name": "BlahDNS (DE)", "url": "https://doh-de.blahdns.com/dns-query" }, { "name": "BlahDNS (FI)", "url": "https://doh-fi.blahdns.com/dns-query" }, { "name": "Quad9", "url": "https://dns.quad9.net/dns-query" }]'); user_pref("network.trr.resolvers", '[{ "name": "Cloudflare", "url": "https://mozilla.cloudflare-dns.com/dns-query" },{ "name": "NextDNS", "url": "https://trr.dns.nextdns.io/" },{ "name": "dnsforge.de", "url": "https://dnsforge.de/dns-query" },{ "name": "Digitale Gesellschaft (CH)", "url": "https://dns.digitale-gesellschaft.ch/dns-query" }, { "name": "Freifunk Muenchen", "url": "https://doh.ffmuc.net" }, { "name": "BlahDNS (DE)", "url": "https://doh-de.blahdns.com/dns-query" }, { "name": "BlahDNS (FI)", "url": "https://doh-fi.blahdns.com/dns-query" }, { "name": "Quad9", "url": "https://dns.quad9.net/dns-query" }]');