I'm curious as to why you want this? It's not the users fault that they are running into TLS 1.0/1.1 sites. Where are these TLS 1.0/1.1 sites coming from? Are they internal sites that need to be upgraded?
What you're proposing will train your users to click "bypass" on security pages like that which I don't think you want to do. Mike Kaply On Mon, Feb 1, 2021 at 5:06 AM <marius.ta...@orange.com> wrote: > Hello, > > > > We currently have TLS enabled from 1.0 to 1.3 (SSLversionmin to 1 and > SSLversionmax to 1.3) and we would like to set up the following > configuration : > > - Remove the 2 parameters SSLversionmin and SSLversionmax > > - When the user browses a TLS 1.0 or TLS 1.1 site, it shows a > “SSL_ERROR_UNSUPPORTED_VERSION” error, with a button “Enable TLS 1.0 and > 1.1” : we would like to have this error message appearing every time the > user launches Firefox (we don’t want the user to click it once and have > forever *security.tls.version.enable-deprecated* set to true, but we want > the user having to click it every time) > > > > It would be easy to set this up by setting > *security.tls.version.enable-deprecated* to *false* in the GPO (then it’s > set to *false* when the user launches Firefox, and if he clicks the > button, it’s set to *true* temporarily during his session but the next > time he launches it would be reset to false again) > > > > But unfortunately for us, it’s not in the Preferences part of the ADMX ( > https://github.com/mozilla/policy-templates/blob/v2.7/README.md#preferences > ) > > > > Would it be possible to have it added in the ADMX in a near future? > > > > Thank you very much for your answer! > > > > Cordialement / Best regards, > > [image: http://www.orange.com/sirius/logos_mail/orange_logo.gif] > <http://www.orange.com/> > > *Marius TARLO* > Maintenance e-buro > * Orange* > <http://annuaire.sso.infra.ftgroup/entities/ou=Orange,ou=entities>/*OBS* > <http://annuaire.sso.infra.ftgroup/entities/ou=OBS,ou=Orange,ou=entities>/ > *SCE* > <http://annuaire.sso.infra.ftgroup/entities/ou=SCE,ou=OBS,ou=Orange,ou=entities> > /*OCB SUBS* > <http://annuaire.sso.infra.ftgroup/entities/ou=OCB%20SUBS,ou=SCE,ou=OBS,ou=Orange,ou=entities> > /*DACF* > <http://annuaire.sso.infra.ftgroup/entities/ou=DACF,ou=OCB%20SUBS,ou=SCE,ou=OBS,ou=Orange,ou=entities> > /*DS* > <http://annuaire.sso.infra.ftgroup/entities/ou=DS,ou=DACF,ou=OCB%20SUBS,ou=SCE,ou=OBS,ou=Orange,ou=entities> > /*CS* > <http://annuaire.sso.infra.ftgroup/entities/ou=CS,ou=DS,ou=DACF,ou=OCB%20SUBS,ou=SCE,ou=OBS,ou=Orange,ou=entities> > /*TMI ORA* > <http://annuaire.sso.infra.ftgroup/entities/ou=TMI%20ORA,ou=CS,ou=DS,ou=DACF,ou=OCB%20SUBS,ou=SCE,ou=OBS,ou=Orange,ou=entities> > > *Orange* > <http://annuaire.sso.infra.ftgroup/entities/ou=Orange,ou=entities>/*TGI* > <http://annuaire.sso.infra.ftgroup/entities/ou=TGI,ou=Orange,ou=entities>/ > *OLS* > <http://annuaire.sso.infra.ftgroup/entities/ou=OLS,ou=TGI,ou=Orange,ou=entities> > /*DIESE* > <http://annuaire.sso.infra.ftgroup/entities/ou=DIESE,ou=OLS,ou=TGI,ou=Orange,ou=entities> > /*DWS* > <http://annuaire.sso.infra.ftgroup/entities/ou=GWIS,ou=DIESE,ou=OLS,ou=TGI,ou=Orange,ou=entities> > /*ESM* > <http://annuaire.sso.infra.ftgroup/entities/ou=MSSM,ou=GWIS,ou=DIESE,ou=OLS,ou=TGI,ou=Orange,ou=entities> > tél. +33 1 42 75 34 25 > marius.ta...@orange.com > > > > _________________________________________________________________________________________________________________________ > > Ce message et ses pieces jointes peuvent contenir des informations > confidentielles ou privilegiees et ne doivent donc > pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu > ce message par erreur, veuillez le signaler > a l'expediteur et le detruire ainsi que les pieces jointes. Les messages > electroniques etant susceptibles d'alteration, > Orange decline toute responsabilite si ce message a ete altere, deforme ou > falsifie. Merci. > > This message and its attachments may contain confidential or privileged > information that may be protected by law; > they should not be distributed, used or copied without authorisation. > If you have received this email in error, please notify the sender and delete > this message and its attachments. > As emails may be altered, Orange is not liable for messages that have been > modified, changed or falsified. > Thank you. > > _______________________________________________ > Enterprise mailing list > Enterprise@mozilla.org > https://mail.mozilla.org/listinfo/enterprise > > To unsubscribe from this list, please visit > https://mail.mozilla.org/listinfo/enterprise or send an email to > enterprise-requ...@mozilla.org with a subject of "unsubscribe" >
_______________________________________________ Enterprise mailing list Enterprise@mozilla.org https://mail.mozilla.org/listinfo/enterprise To unsubscribe from this list, please visit https://mail.mozilla.org/listinfo/enterprise or send an email to enterprise-requ...@mozilla.org with a subject of "unsubscribe"
