Don't enforce TLS v1.3 yet

thunderbird/user.js

@@ -95,18 +95,20 @@ user_pref("security.mixed_content.block_active_content", true);
 user_pref("security.OCSP.enabled", 0);
 user_pref("security.ssl.require_safe_negotiation", true);
 user_pref("security.ssl.treat_unsafe_negotiation_as_broken", true);
-user_pref("security.tls.version.min", 4);
+// Set to TLS v1.3 min (= 4, = 3 otherwise)
-// enable all below instead of the above min 4 if your mail provider doesn't support TLS v1.3 only
+user_pref("security.tls.version.min", 3);
-// user_pref("security.tls.version.min", 3);
+// BEGIN - enable all below instead of the above min 4 if your mail provider doesn't support TLS v1.3 only
-// user_pref("security.ssl3.dhe_rsa_aes_128_sha", false);
+user_pref("security.tls.version.min", 3);
-// user_pref("security.ssl3.dhe_rsa_aes_256_sha", false);
+user_pref("security.ssl3.dhe_rsa_aes_128_sha", false);
-// user_pref("security.ssl3.ecdhe_ecdsa_aes_128_sha", false);
+user_pref("security.ssl3.dhe_rsa_aes_256_sha", false);
-// user_pref("security.ssl3.ecdhe_ecdsa_aes_256_sha", false);
+user_pref("security.ssl3.ecdhe_ecdsa_aes_128_sha", false);
-// user_pref("security.ssl3.ecdhe_rsa_aes_128_sha", false);
+user_pref("security.ssl3.ecdhe_ecdsa_aes_256_sha", false);
-// user_pref("security.ssl3.ecdhe_rsa_aes_256_sha", false);
+user_pref("security.ssl3.ecdhe_rsa_aes_128_sha", false);
-// user_pref("security.ssl3.rsa_aes_128_sha", false);
+user_pref("security.ssl3.ecdhe_rsa_aes_256_sha", false);
-// user_pref("security.ssl3.rsa_aes_256_sha", false);
+user_pref("security.ssl3.rsa_aes_128_sha", false);
-// user_pref("security.ssl3.rsa_des_ede3_sha", false);
+user_pref("security.ssl3.rsa_aes_256_sha", false);
+user_pref("security.ssl3.rsa_des_ede3_sha", false);
+// END - enable all above instead of the above min 4 if your mail provider doesn't support TLS v1.3 only
 user_pref("purple.logging.log_chats", false);
 user_pref("purple.logging.log_ims", false);
 user_pref("purple.logging.log_system", false);