diff options
author | Matthew Harmsen <mharmsen@redhat.com> | 2015-07-28 14:17:57 -0600 |
---|---|---|
committer | Rob Crittenden <rcritten@redhat.com> | 2015-07-29 08:45:50 -0400 |
commit | bb1011ce19730ec168512205dfcf5f0b5d9e4657 (patch) | |
tree | a530fcd9b94f519f5ea3177ee8c4a8036a782070 | |
parent | 5611b6db2332d1a285cfebf29aa8e6ff617fb516 (diff) | |
download | mod_nss-bb1011ce19730ec168512205dfcf5f0b5d9e4657.tar.gz mod_nss-bb1011ce19730ec168512205dfcf5f0b5d9e4657.tar.xz mod_nss-bb1011ce19730ec168512205dfcf5f0b5d9e4657.zip |
Add 'v' to refererences of protocols (e.g. SSLv3)
BZ #1066236
-rw-r--r-- | docs/mod_nss.html | 15 |
1 files changed, 8 insertions, 7 deletions
diff --git a/docs/mod_nss.html b/docs/mod_nss.html index 2d349b6..19d8fef 100644 --- a/docs/mod_nss.html +++ b/docs/mod_nss.html @@ -398,7 +398,7 @@ Deprecated.<br> <br> <big><big>NSSSession3CacheTimeout<br> </big></big><br> -Specifies the number of seconds SSL 3 sessions are cached.<br> +Specifies the number of seconds SSLv3 sessions are cached.<br> <br> The valid range is 5 - 86400 seconds. A setting outside the valid range is silently constrained.<br> @@ -453,7 +453,7 @@ Example</span><br> <br> Enables or disables FIPS 140 mode. This replaces the standard internal PKCS#11 module with a FIPS-enabled one. It also forces the -enabled protocols to TLSv1.2, TLSv1.1 and TLS v1.0 and disables all ciphers +enabled protocols to TLSv1.2, TLSv1.1 and TLSv1.0 and disables all ciphers but the FIPS ones. You may still select which ciphers you would like limited to those that are FIPS-certified. Any non-FIPS that are included in the NSSCipherSuite entry are automatically disabled. @@ -881,8 +881,8 @@ and the maximum allowed protocols based upon these entries allowing for the inclusion of every protocol in-between. For example, if only SSLv3 and TLSv1.1 are specified, SSLv3, TLSv1.0, and TLSv1.1 will all be allowed, as NSS utilizes protocol ranges to accept all protocols inclusively -(TLS 1.1 -> TLS 1.0 -> SSL 3.0), and does not allow exclusion of any protocols -in the middle of a range (e. g. - TLS 1.0).<br> +(TLSv1.1 -> TLSv1.0 -> SSLv3.0), and does not allow exclusion of any protocols +in the middle of a range (e. g. - TLSv1.0).<br> <br> Finally, NSS will always automatically negotiate the use of the strongest possible protocol that has been specified which is acceptable to both sides of @@ -1505,9 +1505,10 @@ certutil: certificate is valid</code><br> <h1><a name="SSLv2"></a>Why is SSLv2 disabled?</h1> All major browsers (Firefox, Internet Explorer, Mozilla, Netscape, Opera, and -Safari) support SSL 3 and TLS so there is no need for a web server to support -SSL 2. There are some known attacks against SSL 2 that are handled by SSL -3/TLS. SSL2 also doesn't support useful features like client authentication. +Safari) support SSLv3 and TLS so there is no need for a web server to support +SSLv2. There are some known attacks against SSLv2 that are handled by +SSLv3/TLS. SSLv2 also doesn't support useful features like client +authentication. <br> <h1><a name="FAQ"></a>Frequently Asked Questions</h1> |