diff options
| author | bors-servo <lbergstrom+bors@mozilla.com> | 2018-12-22 01:07:01 -0500 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2018-12-22 01:07:01 -0500 |
| commit | 0fcc9b4ec7f320de893ea25d8ee45e575619e2ce (patch) | |
| tree | 527d57e2d67dfe71e97b1e1dbf4571a742cc27f4 /components/script/dom | |
| parent | 9caf215beb53165e3f411a15bf7e4b2922ff22ae (diff) | |
| parent | 027154ecf0beb544be271329e01d447ba49781f6 (diff) | |
| download | servo-0fcc9b4ec7f320de893ea25d8ee45e575619e2ce.tar.gz servo-0fcc9b4ec7f320de893ea25d8ee45e575619e2ce.zip | |
Auto merge of #22243 - Darkspirit:cipherlist_cleanup, r=avadacatavra
Cleanup of default ciphersuite list
* don't offer DHE ciphersuites like Chrome (Firefox is in [progress](https://www.fxsitecompat.com/en-CA/docs/2018/dhe-cipher-suites-are-no-longer-supported-in-webrtc/) of deprecating DHE as well)
* don't offer AES-CBC-SHA2 like Firefox and Chrome
* don't offer AES-GCM for plain RSA like Firefox
* don't offer ECDSA with AES-CBC like Chrome
* don't offer weak DES-CBC3-SHA
* prefer AES256 over AES128 like [Mozilla Modern](https://wiki.mozilla.org/Security/Server_Side_TLS#Modern_compatibility), Safari and Edge
(The last line of cipher suites would be removed in the future when Servo deprecates TLS 1.0/1.1 and switches to Rustls.)
You can compare Firefox and Chrome with https://www.ssllabs.com/ssltest/viewMyClient.html.
---
<!-- Thank you for contributing to Servo! Please replace each `[ ]` by `[X]` when the step is complete, and replace `__` with appropriate data: -->
- [x] `./mach build -d` does not report any errors
- [x] `./mach test-tidy` does not report any errors
<!-- Reviewable:start -->
---
This change is [<img src="https://reviewable.io/review_button.svg" height="34" align="absmiddle" alt="Reviewable"/>](https://reviewable.io/reviews/servo/servo/22243)
<!-- Reviewable:end -->
Diffstat (limited to 'components/script/dom')
0 files changed, 0 insertions, 0 deletions