Deprecated ciphers must be disabled.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-102889 | DTBF235 | SV-111851r1_rule | Medium |
| Description |
|---|
| A weak cipher is defined as an encryption/decryption algorithm that uses a key of insufficient length. Using an insufficient length for a key in an encryption/decryption algorithm opens up the possibility (or probability) that the encryption scheme could be broken. |
| STIG | Date |
|---|---|
| Mozilla FireFox Security Technical Implementation Guide | 2020-06-19 |
Details
| Check Text ( C-101635r1_chk ) |
|---|
| Type "about:config" in the address bar, verify that the preference name “security.ssl3.rsa_des_ede3_sha" is set to “false” and locked. Criteria: If the parameter is set incorrectly, then this is a finding. If the setting is not locked, then this is a finding. |
| Fix Text (F-108429r1_fix) |
|---|
| Ensure the preference “security.ssl3.rsa_des_ede3_sha" is set and locked to the value of “false”. |