05:10:26 <IsambardPrince> TLS 1.0 and 1.1 should be removed before the next update is final.
05:10:48 <IsambardPrince> These are old and have been unsupported in other browsers for over three years and have known vulnerabilities.
05:11:35 <IsambardPrince> Is there some real reason to keep them or is it just enabling downgrade attacks on the user for no real reason?
16:06:50 <MattATobin> tls 1.0 1.1 and ssl 3.0 should be kept but disabled by default
16:06:59 <MattATobin> there are still valid edge cases that would need em
16:07:02 <MattATobin> routers are one
16:08:16 <MattATobin> try and preserve as old of a spec as you can .. is my general recommendation but if it is critical as these old sec standards are they should have their checkboxes but functionality should be saved and activatable by pref
16:08:31 <MattATobin> but do a pref reset of sec as a runonce in profile migration
16:08:38 <MattATobin> .. Or do whatever you feel is best.
16:08:40 <MattATobin> ;)
16:26:53 <frg_Away> It if now off by default for a few releases.
16:27:55 <frg_Away> But as stated some old local gear might need it. I wouldn't still use a router needing it but there is still other stuff around.
16:36:31 <MattATobin> i mean if it comes down to a hard nss requirement then maybe a little more thinking but if it is just your internal policy.. i encurage you to set sane defaults and perhaps remove a few ui checkboxes but leave the capability as long as it isn't a hinderance otherwise for such cases
16:36:46 <CaptainTobin> i mean if it comes down to a hard nss requirement then maybe a little more thinking but if it is just your internal policy.. i encurage you to set sane defaults and perhaps remove a few ui checkboxes but leave the capability as long as it isn't a hinderance otherwise for such cases
16:36:54 <CaptainTobin> in case matrix bridge didn't translate