From MozillaZine Knowledge Base

Background

The Secure Socket Layer protocol (SSL) and its successor, the Transport Layer Security protocol (TLS), define how a browser or e-mail client communicates with a server using an encrypted connection or data stream. There are various versions of this protocol where TLS can be thought of as the continuation of SSL with a new numbering scheme. Versions used between the client software and the server have to match, thus both sides have to support at least one common version.

SSL 3.0 is currently the lowest accepted encryption protocol, TLS 1.2 the highest defined. TLS 1.0 is the equivalent of a hypothetical SSL 3.1 version, TLS 1.1 an update to TLS 1.2, etc. Some institutions prohibit the use of SSL 3.0 due to security concerns, thus it has to be disabled. TLS 1.2 support has been added with NSS 3.15.1 for Gecko 24.0. TLS 1.1 and TLS 1.2 are not yet widely supported by many servers, and need finalization of some components in the Mozilla backend, thus SSL 3.0 and TLS 1.0 are currently supported by default.

You can disable SSL 3.0 or enable TLS 1.1/1.2 by using these preferences, or enforce the use of a specific protocol version. At initiation of a secure connection, the highest selected version (maximum supported protocol) will be attempted first. If support by the server isn't indicated or the attempt fails, the next lower version will be attempted until the lowest allowed version (minimum required protocol) is reached (see however Caveats for TLS 1.1/1.2 fallback handling). If it fails as well, the connection eventually fails with an error.

Possible values and their effects

Both security.tls.version.min and security.tls.version.max can currently range from 0 to 3, which will be extended once further protocol versions are supported. Together, the two preferences specify the range of protocols which are supported:

• security.tls.version.min specifies the minimum required protocol version (thus, the lowest version allowed to fall back to when higher versions are not available).
• security.tls.version.max specifies the maximum supported protocol version (thus, the highest version to initiate a connection with before falling back to lower versions).

If security.tls.version.min and security.tls.version.max are equal, only one protocol version will be supported. The behavior is undefined if security.tls.version.min is larger than the security.tls.version.max value.

0

SSL 3.0 is the minimum required / maximum supported encryption protocol. (Default up to FF/TB 33.0 and SM 2.30 for minimum version.)

1

TLS 1.0 is the minimum required / maximum supported encryption protocol. (This is the current default for the minimum required version.)

2

TLS 1.1 is the minimum required / maximum supported encryption protocol.

3

TLS 1.2 is the minimum required / maximum supported encryption protocol. (This is the current default for the maximum supported version.)

Caveats

• These preferences replace the deprecated security.enable_ssl3 and security.enable_tls boolean settings. Upon upgrade, the old preferences are not automatically migrated. Instead, the user has to reinstate any limitations such as prohibiting fallback to SSL 3.0 (in this case by setting security.tls.version.min to 1, indicating TLS 1.0 being the minimum required protocol).
• It is not possible to skip intermediate protocols. For example, supporting SSL 3.0 and TLS 1.1 implies that TLS 1.0 is supported as well.
• After an exploit of the SSL 3.0 protocol (POODLE), SSL 3.0 is disabled by default starting with Gecko 34. Legacy websites no supporting TLS 1.x may still require it, thus you may want to reenable it if needed by such a site, but keep in mind that it may open you to attacks.

UI

Firefox

The UI for selecting the required range of encryption protocols has been removed in Firefox 23.0 and later, thus you'll need to change them in about:config.

SeaMonkey

SeaMonkey continues to provide a UI in the Edit → Preferences → Privacy & Security → SSL tab. A third box for TLS 1.1 has been added with version 2.20, and another box for TLS 1.2 with SeaMonkey 2.21; the logic disallows selection of protocol combinations not supported by these preferences. (There is a forum thread discussing the UI variants.)

Thunderbird

Thunderbird doesn't offer any UI for these options, thus you'll have to use the Config Editor to change them.

First checked in

2013-04-12 by Brian Smith

Has an effect in

• Firefox and Thunderbird (nightly trunk builds since 2013-04-13; 23.0a1 and later)
• SeaMonkey (nightly trunk builds since 2013-04-13; 2.20a1 and later)

Related bugs

• Bug 733642 - Allow the user to enable any version of TLS that libssl supports, maintaining our current defaults (Core)
• Bug 733632 - Remove TLS version UI (Options → Advanced → Encryption → Protocols) (Firefox)
• Bug 861471 - Update the SSL Preference Pane after bug 733642 changed preference names and semantics (SeaMonkey)
• Bug 733647 - Implement TLS 1.1 in Gecko, on by default
• Bug 839310 - Add insecure fallback from TLS 1.1 → TLS 1.0
• Bug 480514 - Implement TLS 1.2
• Bug 1076983 - (POODLE) Padding oracle attack on SSL 3.0
• Bug 1250568 - Allow enabling TLS 1.3

See also

• SSL is disabled

External links

• The Transport Layer Security (TLS) Protocol, Version 1.1
• The Transport Layer Security (TLS) Protocol, Version 1.2
• Wikipedia - Transport Layer Security