Comment 10 for bug 798672

We need to document the TLS Renegotiation prefs on MDC so SUMO folks have somewhere to point people having problems. These prefs are currently documented at https://wiki.mozilla.org/Security:Renegotiation but in a developer-oriented fashion.

The basic functionality was added to Firefox 3.6.2 and 3.5.9

What is new in Firefox 4 is the default for the pref security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref

The setting is 'true' in the older branches and 'false' (safe) in FF4.

In the default settings the stable branches CAN renegotiate safely if the site supports the updated protocol. On the trunk we REQUIRE safe renegotiation. This will break some sites.

This still doesn't protect users against the more likely initial-negotiation attack (the one used against Twitter, for example). Until we turn on one or both of the other two prefs users have to rely entirely on the site to disable renegotiation or implement the new protocol.

The next step would be to disable positive SSL notification for broken sites with the pref security.ssl.treat_unsafe_negotiation_as_broken -- but currently too many sites are broken (including about a third of SSL sites that appear to have disabled renegotiation and are probably safe, but the browser can't tell).

The last step would be to enable the pref security.ssl.require_safe_negotiation and reject connections to any site without support for the new protocol. That will take a while if the SSLv2 experience teaches us anything.

Reopening the bug for Mr. Firefox (Johnathan) to agree documenting the new behavior is good enough and so Sheppy notices the dev-doc-needed (not sure his queries see closed bugs).