Closed Bug 56865 Opened 24 years ago Closed 24 years ago

Turn off TLS by default

Categories

(Core Graveyard :: Security: UI, enhancement, P3)

1.0 Branch
enhancement

Tracking

(Not tracked)

VERIFIED INVALID

People

(Reporter: junruh, Assigned: ddrinan0264)

Details

(Whiteboard: RFE[need info])

Making Netscape 6 inoperable at some secure sites, such as banks and merchants who run IBM servers, does not seem like a smart move, especially since bug 33772 is open- "No warning when connection is not possible." The user is not given an explanation on why the browser cannot connect. There is a workaround, which is to turn off TLS in the Security Manager UI, but only a tiny fraction of users would know to do that. I vote for turning off TLS by default, and those users who want to stick with TLS can turn it on.
rtm
Keywords: rtm
This seems like a good thing to work on. If you're working on it please put [rtm need info] in the status whiteboard. How soon could we get a small, safe patch for this fix?
Whiteboard: [need info]
The concensus in the Security group is that TLS should be turned on by default, which it already is, so I'm just going to mark this invalid, especially after hearing ekrock speak at the Seamonkey meeting yesterday. The topic was "Fix the web".
Severity: normal → enhancement
Status: NEW → RESOLVED
Closed: 24 years ago
Resolution: --- → INVALID
Whiteboard: [need info] → RFE[need info]
Target Milestone: --- → Future
John, do you feel this should be release noted?
There should be a release note stating that some secure sites are not TLS compatible, and that to reach them, you can open the Security Manager, click on Advanced, Options, and turn off TLS. Eventually, most everyone is going to run into this kind of site, and if they read the release notes, that would help them out.
Keywords: relnoteRTM
John - can you update the release note tracking bug: http://bugzilla.mozilla.org/show_bug.cgi?id=50809
Release noted - "Some secure (https) web sites are not TLS compatible. TLS is the new version of SSL. If you are having trouble reaching a particular secure web site, try turning off TLS for that site. To do so, click on Tasks, Privacy and Security, and open the Personal Security Manager. Click on Advanced, Options, and turn off TLS."
Status: RESOLVED → VERIFIED
Mass changing Security:Crypto to PSM
Component: Security: Crypto → Client Library
Product: Browser → PSM
Target Milestone: Future → ---
Version: other → 2.1
Mass changing Security:Crypto to PSM
Product: PSM → Core
Version: psm2.1 → 1.0 Branch
Product: Core → Core Graveyard
You need to log in before you can comment on or make changes to this bug.