Comment 5 for bug 798672

In , Emaldona (emaldona) wrote :

On https://developer.mozilla.org/NSS_3.12.6_release_notes
see the section titled SSL3 & TLS Renegotiation Indication Extension

the default setting is
[2|r|R]: SSL_RENEGOTIATE_REQUIRES_XTN (default)
Only allows renegotiation if the peer's hello bears the TLS renegotiation_info extension. This is the safe renegotiation.

Downstream distributions can opt to change the default to
[3|t|T]: SSL_RENEGOTIATE_TRANSITIONAL
Disallows unsafe renegotiation in server sockets only, but allows clients to continue to renegotiate with vulnerable servers. This value should only be used during the transition period when few servers have been upgraded.