From 117171fcc58bf5a9b4bbf487d3749c498e19b905 Mon Sep 17 00:00:00 2001 From: Michael Kaply <345868+mkaply@users.noreply.github.com> Date: Wed, 24 Jun 2020 16:18:32 -0500 Subject: [PATCH] Update DisabledCiphers policy --- README.md | 18 ++++++++++++++++- mac/org.mozilla.firefox.plist | 4 ++++ windows/de-DE/firefox.adml | 32 ++++++----------------------- windows/en-US/firefox.adml | 32 ++++++----------------------- windows/es-ES/firefox.adml | 32 ++++++----------------------- windows/firefox.admx | 38 ++++++++++++++++++++++++++--------- windows/fr-FR/firefox.adml | 32 ++++++----------------------- windows/it-IT/firefox.adml | 32 ++++++----------------------- windows/zh-TW/firefox.adml | 32 ++++++----------------------- 9 files changed, 86 insertions(+), 166 deletions(-) diff --git a/README.md b/README.md index 875fa60..0eed6c5 100644 --- a/README.md +++ b/README.md @@ -948,7 +948,13 @@ Value (string): ### DisabledCiphers Disable specific cryptographic ciphers. -**Compatibility:** Firefox 76, Firefox ESR 68.8\ +--- +**Note:** + +This policy was updated in Firefox 78 to allow enabling ciphers as well. Setting the value to true disables the cipher, setting the value to false enables the cipher. Previously setting the value to true or false disabled the cipher. + +--- +**Compatibility:** Firefox 76, Firefox ESR 68.8 (TLS_RSA_WITH_AES_128_GCM_SHA256 and TLS_RSA_WITH_AES_256_GCM_SHA384 were added in Firefox 78)\ **CCK2 Equivalent:** N/A\ **Preferences Affected:** N/A @@ -963,6 +969,8 @@ Software\Policies\Mozilla\Firefox\DisabledCiphers\TLS_ECDHE_ECDSA_WITH_AES_128_G Software\Policies\Mozilla\Firefox\DisabledCiphers\TLS_RSA_WITH_AES_128_CBC_SHA = 0x1 | 0x0 Software\Policies\Mozilla\Firefox\DisabledCiphers\TLS_RSA_WITH_AES_256_CBC_SHA = 0x1 | 0x0 Software\Policies\Mozilla\Firefox\DisabledCiphers\TLS_RSA_WITH_3DES_EDE_CBC_SHA = 0x1 | 0x0 +Software\Policies\Mozilla\Firefox\DisabledCiphers\TLS_RSA_WITH_AES_128_GCM_SHA256 = 0x1 | 0x0 +Software\Policies\Mozilla\Firefox\DisabledCiphers\TLS_RSA_WITH_AES_256_GCM_SHA384 = 0x1 | 0x0 ``` #### Windows (Intune) OMA-URI: @@ -976,6 +984,8 @@ OMA-URI: ./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~DisabledCiphers/DisabledCiphers_TLS_RSA_WITH_AES_128_CBC_SHA ./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~DisabledCiphers/DisabledCiphers_TLS_RSA_WITH_AES_256_CBC_SHA ./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~DisabledCiphers/DisabledCiphers_TLS_RSA_WITH_3DES_EDE_CBC_SHA +./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~DisabledCiphers/DisabledCiphers_TLS_RSA_WITH_AES_128_GCM_SHA256 +./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~DisabledCiphers/DisabledCiphers_TLS_RSA_WITH_AES_256_GCM_SHA384 ``` Value (string): ``` @@ -1004,6 +1014,10 @@ Value (string): | TLS_RSA_WITH_3DES_EDE_CBC_SHA | + TLS_RSA_WITH_AES_128_GCM_SHA256 + | + TLS_RSA_WITH_AES_256_GCM_SHA384 + | ``` @@ -1021,6 +1035,8 @@ Value (string): "TLS_RSA_WITH_AES_128_CBC_SHA": true | false, "TLS_RSA_WITH_AES_256_CBC_SHA": true | false, "TLS_RSA_WITH_3DES_EDE_CBC_SHA": true | false + "TLS_RSA_WITH_AES_128_GCM_SHA256": true | false + "TLS_RSA_WITH_AES_256_GCM_SHA384": true | false } } } diff --git a/mac/org.mozilla.firefox.plist b/mac/org.mozilla.firefox.plist index 501cf4d..267a7c9 100644 --- a/mac/org.mozilla.firefox.plist +++ b/mac/org.mozilla.firefox.plist @@ -153,6 +153,10 @@ TLS_RSA_WITH_3DES_EDE_CBC_SHA + TLS_RSA_WITH_AES_128_GCM_SHA256 + + TLS_RSA_WITH_AES_256_GCM_SHA384 + DisableDeveloperTools diff --git a/windows/de-DE/firefox.adml b/windows/de-DE/firefox.adml index 62fe32b..ed90291 100644 --- a/windows/de-DE/firefox.adml +++ b/windows/de-DE/firefox.adml @@ -733,41 +733,21 @@ Wenn diese Richtlinie aktiviert oder nicht konfiguriert ist, werden Firefox-Funk Wenn diese Richtlinieneinstellung aktiviert oder nicht konfiguriert ist, werden Aktionen empfohlen, die darauf basieren, was der Benutzer in die Adressleiste eingibt. TLS_DHE_RSA_WITH_AES_128_CBC_SHA - Wenn diese Richtlinieneinstellung deaktiviert ist, ist der TLS_DHE_RSA_WITH_AES_128_CBC_SHA Cipher deaktiviert. - -Wenn diese Richtlinieneinstellung aktiviert oder nicht konfiguriert ist, ist der TLS_DHE_RSA_WITH_AES_128_CBC_SHA Cipher aktiviert. TLS_DHE_RSA_WITH_AES_256_CBC_SHA - Wenn diese Richtlinieneinstellung deaktiviert ist, ist der TLS_DHE_RSA_WITH_AES_256_CBC_SHA Cipher deaktiviert. - -If this policy is enabled or not configured, the TLS_DHE_RSA_WITH_AES_256_CBC_SHA Cipher aktiviert. TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA - Wenn diese Richtlinieneinstellung deaktiviert ist, ist der TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA Cipher deaktiviert. - -If this policy is enabled or not configured, the TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA Cipher aktiviert. TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA - Wenn diese Richtlinieneinstellung deaktiviert ist, ist der TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA Cipher deaktiviert. - -If this policy is enabled or not configured, the TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA Cipher aktiviert. TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 - Wenn diese Richtlinieneinstellung deaktiviert ist, ist der TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 Cipher deaktiviert. - -If this policy is enabled or not configured, the TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 Cipher aktiviert. TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 - Wenn diese Richtlinieneinstellung deaktiviert ist, ist der TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 Cipher deaktiviert. - -If this policy is enabled or not configured, the TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 Cipher aktiviert. TLS_RSA_WITH_AES_128_CBC_SHA - Wenn diese Richtlinieneinstellung deaktiviert ist, ist der TLS_RSA_WITH_AES_128_CBC_SHA Cipher deaktiviert. - -If this policy is enabled or not configured, the TLS_RSA_WITH_AES_128_CBC_SHA Cipher aktiviert. TLS_RSA_WITH_AES_256_CBC_SHA - Wenn diese Richtlinieneinstellung deaktiviert ist, ist der TLS_RSA_WITH_AES_256_CBC_SHA Cipher deaktiviert. - -If this policy is enabled or not configured, the TLS_RSA_WITH_AES_256_CBC_SHA Cipher aktiviert. TLS_RSA_WITH_3DES_EDE_CBC_SHA - Wenn diese Richtlinieneinstellung deaktiviert ist, ist der TLS_RSA_WITH_3DES_EDE_CBC_SHA Cipher deaktiviert. + TLS_RSA_WITH_AES_128_GCM_SHA256 + TLS_RSA_WITH_AES_256_GCM_SHA384 + If this policy is enabled, the corresponding cipher is disabled. + +If this policy is disabled, the corresponding cipher is enabled. -If this policy is enabled or not configured, the TLS_RSA_WITH_3DES_EDE_CBC_SHA Cipher aktiviert. +If this policy is not configured, the corresponding cipher is enabled or disabled based on the default in Firefox. DRM-Medien Erweiterungen Wenn diese Richtlinieneinstellung deaktiviert ist, werden DRM-Medien Erweiterungen (wie z.B. Widevine) nicht durch Mozilla Firefox heruntergeladen außer der Nutzer stimmt dem Download explizit zu. diff --git a/windows/en-US/firefox.adml b/windows/en-US/firefox.adml index 28d031b..0e7c78c 100644 --- a/windows/en-US/firefox.adml +++ b/windows/en-US/firefox.adml @@ -735,41 +735,21 @@ If this policy is enabled or not configured, Firefox features wil be recommended If this policy is enabled or not configured, actions will be recommended based on what the user types in the URL bar. TLS_DHE_RSA_WITH_AES_128_CBC_SHA - If this policy is disabled, the TLS_DHE_RSA_WITH_AES_128_CBC_SHA cipher is disabled. - -If this policy is enabled or not configured, the TLS_DHE_RSA_WITH_AES_128_CBC_SHA cipher is enabled. TLS_DHE_RSA_WITH_AES_256_CBC_SHA - If this policy is disabled, the TLS_DHE_RSA_WITH_AES_256_CBC_SHA cipher is disabled. - -If this policy is enabled or not configured, the TLS_DHE_RSA_WITH_AES_256_CBC_SHA cipher is enabled. TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA - If this policy is disabled, the TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA cipher is disabled. - -If this policy is enabled or not configured, the TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA cipher is enabled. TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA - If this policy is disabled, the TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA cipher is disabled. - -If this policy is enabled or not configured, the TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA cipher is enabled. TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 - If this policy is disabled, the TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 cipher is disabled. - -If this policy is enabled or not configured, the TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 cipher is enabled. TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 - If this policy is disabled, the TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 cipher is disabled. - -If this policy is enabled or not configured, the TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 cipher is enabled. TLS_RSA_WITH_AES_128_CBC_SHA - If this policy is disabled, the TLS_RSA_WITH_AES_128_CBC_SHA cipher is disabled. - -If this policy is enabled or not configured, the TLS_RSA_WITH_AES_128_CBC_SHA cipher is enabled. TLS_RSA_WITH_AES_256_CBC_SHA - If this policy is disabled, the TLS_RSA_WITH_AES_256_CBC_SHA cipher is disabled. - -If this policy is enabled or not configured, the TLS_RSA_WITH_AES_256_CBC_SHA cipher is enabled. TLS_RSA_WITH_3DES_EDE_CBC_SHA - If this policy is disabled, the TLS_RSA_WITH_3DES_EDE_CBC_SHA cipher is disabled. + TLS_RSA_WITH_AES_128_GCM_SHA256 + TLS_RSA_WITH_AES_256_GCM_SHA384 + If this policy is enabled, the corresponding cipher is disabled. + +If this policy is disabled, the corresponding cipher is enabled. -If this policy is enabled or not configured, the TLS_RSA_WITH_3DES_EDE_CBC_SHA cipher is enabled. +If this policy is not configured, the corresponding cipher is enabled or disabled based on the default in Firefox. Enable Encrypted Media Extensions If this policy is disabled, encrypted media extensions (like Widevine) are not downloaded by Firefox unless the user consents to installing them. diff --git a/windows/es-ES/firefox.adml b/windows/es-ES/firefox.adml index dc21212..3b7899e 100644 --- a/windows/es-ES/firefox.adml +++ b/windows/es-ES/firefox.adml @@ -735,41 +735,21 @@ Si esta política está habilitada o no está configurada, se recomendarán las Si esta política está habilitada o no está configurada, se recomendarán acciones en función de lo que el usuario escriba en la barra de URL. TLS_DHE_RSA_WITH_AES_128_CBC_SHA - Si esta política está deshabilitada, el cifrado TLS_DHE_RSA_WITH_AES_128_CBC_SHA está deshabilitado. - -Si esta política está habilitada o no está configurada, el cifrado TLS_DHE_RSA_WITH_AES_128_CBC_SHA está habilitado. TLS_DHE_RSA_WITH_AES_256_CBC_SHA - Si esta política está deshabilitada, el cifrado TLS_DHE_RSA_WITH_AES_256_CBC_SHA está deshabilitado. - -Si esta política está habilitada o no está configurada, el cifrado TLS_DHE_RSA_WITH_AES_256_CBC_SHA está habilitado. TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA - Si esta política está deshabilitada, el cifrado TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA está deshabilitado. - -Si esta política está habilitada o no está configurada, el cifrado TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA está habilitado. TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA - Si esta política está deshabilitada, el cifrado TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA está deshabilitado. - -Si esta política está habilitada o no está configurada, el cifrado TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA está habilitado. TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 - Si esta política está deshabilitada, el cifrado TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 está deshabilitado. - -Si esta política está habilitada o no está configurada, el cifrado TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 está habilitado. TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 - Si esta política está deshabilitada, el cifrado TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 está deshabilitado. - -Si esta política está habilitada o no está configurada, el cifrado TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 está habilitado. TLS_RSA_WITH_AES_128_CBC_SHA - Si esta política está deshabilitada, el cifrado TLS_RSA_WITH_AES_128_CBC_SHA está deshabilitado. - -Si esta política está habilitada o no está configurada, el cifrado TLS_RSA_WITH_AES_128_CBC_SHA está habilitado. TLS_RSA_WITH_AES_256_CBC_SHA - Si esta política está deshabilitada, el cifrado TLS_RSA_WITH_AES_256_CBC_SHA está deshabilitado. - -Si esta política está habilitada o no está configurada, el cifrado TLS_RSA_WITH_AES_256_CBC_SHA está habilitado. TLS_RSA_WITH_3DES_EDE_CBC_SHA - Si esta política está deshabilitada, el cifrado TLS_RSA_WITH_3DES_EDE_CBC_SHA está deshabilitado. + TLS_RSA_WITH_AES_128_GCM_SHA256 + TLS_RSA_WITH_AES_256_GCM_SHA384 + If this policy is enabled, the corresponding cipher is disabled. + +If this policy is disabled, the corresponding cipher is enabled. -Si esta política está habilitada o no está configurada, el cifrado TLS_RSA_WITH_3DES_EDE_CBC_SHA está habilitado. +If this policy is not configured, the corresponding cipher is enabled or disabled based on the default in Firefox. Habilitar extensiones de medios cifrados Si esta política está deshabilitada, Firefox no descargará las extensiones de medios cifrados (como Widevine) a menos que el usuario consienta en instalarlas. diff --git a/windows/firefox.admx b/windows/firefox.admx index 161df0c..d4aea08 100644 --- a/windows/firefox.admx +++ b/windows/firefox.admx @@ -3457,7 +3457,7 @@ - + @@ -3467,7 +3467,7 @@ - + @@ -3477,7 +3477,7 @@ - + @@ -3487,7 +3487,7 @@ - + @@ -3497,7 +3497,7 @@ - + @@ -3507,7 +3507,7 @@ - + @@ -3517,7 +3517,7 @@ - + @@ -3527,7 +3527,7 @@ - + @@ -3537,7 +3537,7 @@ - + @@ -3547,6 +3547,26 @@ + + + + + + + + + + + + + + + + + + + + diff --git a/windows/fr-FR/firefox.adml b/windows/fr-FR/firefox.adml index 0baaeec..2b220e8 100644 --- a/windows/fr-FR/firefox.adml +++ b/windows/fr-FR/firefox.adml @@ -734,41 +734,21 @@ Si cette politique est activée ou non configurée, les fonctionnalités de Fire Si cette stratégie est activée ou non configurée, des actions seront recommandées en fonction de ce que l'utilisateur tape dans la barre d'URL. TLS_DHE_RSA_WITH_AES_128_CBC_SHA - Si cette stratégie est désactivée, le chiffrement TLS_DHE_RSA_WITH_AES_128_CBC_SHA est désactivé. - -Si cette stratégie est activée ou non configurée, le chiffrement TLS_DHE_RSA_WITH_AES_128_CBC_SHA est activé. TLS_DHE_RSA_WITH_AES_256_CBC_SHA - Si cette stratégie est désactivée, le chiffrement TLS_DHE_RSA_WITH_AES_256_CBC_SHA est désactivé. - -Si cette stratégie est activée ou non configurée, le chiffrement TLS_DHE_RSA_WITH_AES_256_CBC_SHA est activé. TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA - Si cette stratégie est désactivée, le chiffrement TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA est désactivé. - -Si cette stratégie est activée ou non configurée, le chiffrement TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA est activé. TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA - Si cette stratégie est désactivée, le chiffrement TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA est désactivé. - -Si cette stratégie est activée ou non configurée, le chiffrement TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA est activé. TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 - Si cette stratégie est désactivée, le chiffrement TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 est désactivé. - -Si cette stratégie est activée ou non configurée, le chiffrement TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 est activé. TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 - Si cette stratégie est désactivée, le chiffrement TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 est désactivé. - -Si cette stratégie est activée ou non configurée, le chiffrement TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 est activé. TLS_RSA_WITH_AES_128_CBC_SHA - Si cette stratégie est désactivée, le chiffrement TLS_RSA_WITH_AES_128_CBC_SHA est désactivé. - -Si cette stratégie est activée ou non configurée, le chiffrement TLS_RSA_WITH_AES_128_CBC_SHA est activé. TLS_RSA_WITH_AES_256_CBC_SHA - Si cette stratégie est désactivée, le chiffrement TLS_RSA_WITH_AES_256_CBC_SHA est désactivé. - -Si cette stratégie est activée ou non configurée, le chiffrement TLS_RSA_WITH_AES_256_CBC_SHA est activé. TLS_RSA_WITH_3DES_EDE_CBC_SHA - Si cette stratégie est désactivée, le chiffrement TLS_RSA_WITH_3DES_EDE_CBC_SHA est désactivé. + TLS_RSA_WITH_AES_128_GCM_SHA256 + TLS_RSA_WITH_AES_256_GCM_SHA384 + If this policy is enabled, the corresponding cipher is disabled. + +If this policy is disabled, the corresponding cipher is enabled. -Si cette stratégie est activée ou non configurée, le chiffrement TLS_RSA_WITH_3DES_EDE_CBC_SHA est activé. +If this policy is not configured, the corresponding cipher is enabled or disabled based on the default in Firefox. Enable Encrypted Media Extensions If this policy is disabled, encrypted media extensions (like Widevine) are not downloaded by Firefox unless the user consents to installing them. diff --git a/windows/it-IT/firefox.adml b/windows/it-IT/firefox.adml index f78d505..2793421 100644 --- a/windows/it-IT/firefox.adml +++ b/windows/it-IT/firefox.adml @@ -735,41 +735,21 @@ Se questo criterio è abilitato o non configurato, saranno consigliate funzional Se questo criterio è abilitato o non configurato, saranno consigliate azioni basate su quanto l'utente ha digitato nella barra degli indirizzi. TLS_DHE_RSA_WITH_AES_128_CBC_SHA - Se questo criterio è disabilitato, il cifrario TLS_DHE_RSA_WITH_AES_128_CBC_SHA è disabilitato. - -Se questo criterio è abilitato o non configurato, il cifrario TLS_DHE_RSA_WITH_AES_128_CBC_SHA è abilitato. TLS_DHE_RSA_WITH_AES_256_CBC_SHA - Se questo criterio è disabilitato, il cifrario TLS_DHE_RSA_WITH_AES_256_CBC_SHA è disabilitato. - -Se questo criterio è abilitato o non configurato, il cifrario TLS_DHE_RSA_WITH_AES_256_CBC_SHA è abilitato. TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA - Se questo criterio è disabilitato, il cifrario TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA è disabilitato. - -Se questo criterio è abilitato o non configurato, il cifrario TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA è abilitato. TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA - Se questo criterio è disabilitato, il cifrario TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA è disabilitato. - -Se questo criterio è abilitato o non configurato, il cifrario TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA è abilitato. TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 - Se questo criterio è disabilitato, il cifrario TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 è disabilitato. - -Se questo criterio è abilitato o non configurato, il cifrario TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 è abilitato. TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 - Se questo criterio è disabilitato, il cifrario TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 è disabilitato. - -Se questo criterio è abilitato o non configurato, il cifrario TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 è abilitato. TLS_RSA_WITH_AES_128_CBC_SHA - Se questo criterio è disabilitato, il cifrario TLS_RSA_WITH_AES_128_CBC_SHA è disabilitato. - -Se questo criterio è abilitato o non configurato, il cifrario TLS_RSA_WITH_AES_128_CBC_SHA è abilitato. TLS_RSA_WITH_AES_256_CBC_SHA - Se questo criterio è disabilitato, il cifrario TLS_RSA_WITH_AES_256_CBC_SHA è disabilitato. - -Se questo criterio è abilitato o non configurato, il cifrario TLS_RSA_WITH_AES_256_CBC_SHA è abilitato. TLS_RSA_WITH_3DES_EDE_CBC_SHA - Se questo criterio è disabilitato, il cifrario TLS_RSA_WITH_3DES_EDE_CBC_SHA è disabilitato. + TLS_RSA_WITH_AES_128_GCM_SHA256 + TLS_RSA_WITH_AES_256_GCM_SHA384 + If this policy is enabled, the corresponding cipher is disabled. + +If this policy is disabled, the corresponding cipher is enabled. -Se questo criterio è abilitato o non configurato, il cifrario TLS_RSA_WITH_3DES_EDE_CBC_SHA è abilitato. +If this policy is not configured, the corresponding cipher is enabled or disabled based on the default in Firefox. Abilita Encrypted Media Extension Se questo criterio è disabilitato, le Encrypted Media Extension (come Widevine) non sono scaricate da Firefox a meno che l'utente non acconsenta ad installarle. diff --git a/windows/zh-TW/firefox.adml b/windows/zh-TW/firefox.adml index bf4a4f1..a0c8976 100644 --- a/windows/zh-TW/firefox.adml +++ b/windows/zh-TW/firefox.adml @@ -733,41 +733,21 @@ Mozilla 建議您不要停用 Telemetry。透過 Telemetry 收集到的資訊可 若啟用或不設定此原則,則會根據使用者在網址列輸入的內容推薦操作行為。 TLS_DHE_RSA_WITH_AES_128_CBC_SHA - 若停用此原則,將停用 TLS_DHE_RSA_WITH_AES_128_CBC_SHA 加密演算法。 - -若啟用或不設定此原則,則啟用 TLS_DHE_RSA_WITH_AES_128_CBC_SHA 加密演算法。 TLS_DHE_RSA_WITH_AES_256_CBC_SHA - 若停用此原則,將停用 TLS_DHE_RSA_WITH_AES_256_CBC_SHA 加密演算法。 - -若啟用或不設定此原則,則啟用 TLS_DHE_RSA_WITH_AES_256_CBC_SHA 加密演算法。 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA - 若停用此原則,將停用 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 加密演算法。 - -若啟用或不設定此原則,則啟用 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 加密演算法。 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA - 若停用此原則,將停用 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 加密演算法。 - -若啟用或不設定此原則,則啟用 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 加密演算法。 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 - 若停用此原則,將停用 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 加密演算法。 - -若啟用或不設定此原則,則啟用 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 加密演算法。 TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 - 若停用此原則,將停用 TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 加密演算法。 - -若啟用或不設定此原則,則啟用 TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 加密演算法。 TLS_RSA_WITH_AES_128_CBC_SHA - 若停用此原則,將停用 TLS_RSA_WITH_AES_128_CBC_SHA 加密演算法。 - -若啟用或不設定此原則,則啟用 TLS_RSA_WITH_AES_128_CBC_SHA 加密演算法。 TLS_RSA_WITH_AES_256_CBC_SHA - 若停用此原則,將停用 TLS_RSA_WITH_AES_256_CBC_SHA 加密演算法。 - -若啟用或不設定此原則,則啟用 TLS_RSA_WITH_AES_256_CBC_SHA 加密演算法。 TLS_RSA_WITH_3DES_EDE_CBC_SHA - 若停用此原則,將停用 TLS_RSA_WITH_3DES_EDE_CBC_SHA 加密演算法。 + TLS_RSA_WITH_AES_128_GCM_SHA256 + TLS_RSA_WITH_AES_256_GCM_SHA384 + If this policy is enabled, the corresponding cipher is disabled. + +If this policy is disabled, the corresponding cipher is enabled. -若啟用或不設定此原則,則啟用 TLS_RSA_WITH_3DES_EDE_CBC_SHA 加密演算法。 +If this policy is not configured, the corresponding cipher is enabled or disabled based on the default in Firefox. 開啟加密媒體擴充功能 若停用此原則,需經使用者明確同意才會下載加密媒體擴充功能(例如 Widevine),Firefox 不會主動下載。 -- 2.34.1