From 1d9b83d48cea47298080da9aaf22b0bf1db810d3 Mon Sep 17 00:00:00 2001 From: Michael Kaply <345868+mkaply@users.noreply.github.com> Date: Fri, 17 Apr 2020 13:31:17 -0500 Subject: [PATCH] Initial checkin of new policy DisabledCiphers --- README.md | 64 ++++++++++++++++++++++++ mac/org.mozilla.firefox.plist | 21 ++++++++ windows/de-DE/firefox.adml | 37 ++++++++++++++ windows/en-US/firefox.adml | 37 ++++++++++++++ windows/es-ES/firefox.adml | 37 ++++++++++++++ windows/firefox.admx | 93 +++++++++++++++++++++++++++++++++++ windows/fr-FR/firefox.adml | 37 ++++++++++++++ windows/it-IT/firefox.adml | 37 ++++++++++++++ windows/zh-TW/firefox.adml | 37 ++++++++++++++ 9 files changed, 400 insertions(+) diff --git a/README.md b/README.md index d143a3f..f572339 100644 --- a/README.md +++ b/README.md @@ -23,6 +23,7 @@ Policies can be specified using the Group Policy templates on Windows (https://g | **[`DisableMasterPasswordCreation`](#disablemasterpasswordcreation)** | Remove the master password functionality. | **[`DisableAppUpdate`](#disableappupdate)** | Turn off application updates. | **[`DisableBuiltinPDFViewer`](#disablebuiltinpdfviewer)** | Disable the built in PDF viewer. +| **[`DisabledCiphers`](#disabledciphers)** | Disable ciphers. | **[`DisableDefaultBrowserAgent`](#disabledefaultbrowseragent)** | Prevent the default browser agent from taking any actions (Windows only). | **[`DisableDeveloperTools`](#disabledevelopertools)** | Remove access to all developer tools. | **[`DisableFeedbackCommands`](#disablefeedbackcommands)** | Disable the menus for reporting sites. @@ -690,6 +691,69 @@ Software\Policies\Mozilla\Firefox\DisableBuiltinPDFViewer = 0x1 | 0x0 } } ``` +### DisabledCiphers +Disable specific cryptographic ciphers. + +**Compatibility:** Firefox 68.8, Firefox ESR 76\ +**CCK2 Equivalent:** N/A\ +**Preferences Affected:** N/A + +#### Windows (GPO) +``` +Software\Policies\Mozilla\Firefox\DisabledCiphers\TLS_DHE_RSA_WITH_AES_128_CBC_SHA = 0x1 | 0x0 +Software\Policies\Mozilla\Firefox\DisabledCiphers\TLS_DHE_RSA_WITH_AES_256_CBC_SHA = 0x1 | 0x0 +Software\Policies\Mozilla\Firefox\DisabledCiphers\TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA = 0x1 | 0x0 +Software\Policies\Mozilla\Firefox\DisabledCiphers\TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA = 0x1 | 0x0 +Software\Policies\Mozilla\Firefox\DisabledCiphers\TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 = 0x1 | 0x0 +Software\Policies\Mozilla\Firefox\DisabledCiphers\TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 = 0x1 | 0x0 +Software\Policies\Mozilla\Firefox\DisabledCiphers\TLS_RSA_WITH_AES_128_CBC_SHA = 0x1 | 0x0 +Software\Policies\Mozilla\Firefox\DisabledCiphers\TLS_RSA_WITH_AES_256_CBC_SHA = 0x1 | 0x0 +Software\Policies\Mozilla\Firefox\DisabledCiphers\TLS_RSA_WITH_3DES_EDE_CBC_SHA = 0x1 | 0x0 +``` +#### macOS +``` + + DisabledCiphers + + TLS_DHE_RSA_WITH_AES_128_CBC_SHA + | + TLS_DHE_RSA_WITH_AES_256_CBC_SHA + | + TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA + | + TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA + | + TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 + | + TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 + | + TLS_RSA_WITH_AES_128_CBC_SHA + | + TLS_RSA_WITH_AES_256_CBC_SHA + | + TLS_RSA_WITH_3DES_EDE_CBC_SHA + | + + +``` +#### policies.json +``` +{ + "policies": { + "DisabledCiphers" { + "TLS_DHE_RSA_WITH_AES_128_CBC_SHA": true | false, + "TLS_DHE_RSA_WITH_AES_256_CBC_SHA": true | false, + "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA": true | false, + "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA": true | false, + "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256": true | false, + "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256": true | false, + "TLS_RSA_WITH_AES_128_CBC_SHA": true | false, + "TLS_RSA_WITH_AES_256_CBC_SHA": true | false, + "TLS_RSA_WITH_3DES_EDE_CBC_SHA": true | false + } + } +} +``` ### DisableDefaultBrowserAgent Prevent the default browser agent from taking any actions. Only applicable to Windows; other platforms don’t have the agent. diff --git a/mac/org.mozilla.firefox.plist b/mac/org.mozilla.firefox.plist index 7d57042..ec4d852 100644 --- a/mac/org.mozilla.firefox.plist +++ b/mac/org.mozilla.firefox.plist @@ -131,6 +131,27 @@ DisableBuiltinPDFViewer + DisabledCiphers + + TLS_DHE_RSA_WITH_AES_128_CBC_SHA + + TLS_DHE_RSA_WITH_AES_256_CBC_SHA + + TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA + + TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA + + TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 + + TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 + + TLS_RSA_WITH_AES_128_CBC_SHA + + TLS_RSA_WITH_AES_256_CBC_SHA + + TLS_RSA_WITH_3DES_EDE_CBC_SHA + + DisableDeveloperTools DisableFeedbackCommands diff --git a/windows/de-DE/firefox.adml b/windows/de-DE/firefox.adml index 95aba1a..6b2aa39 100644 --- a/windows/de-DE/firefox.adml +++ b/windows/de-DE/firefox.adml @@ -45,6 +45,7 @@ Suche Einstellungen Benutzer-Benachrichtigungen + Disabled Ciphers Erlaubte Seiten Gesperrte Seiten Automatisches Update @@ -708,6 +709,42 @@ Wenn diese Richtlinie aktiviert oder nicht konfiguriert ist, werden Firefox-Funk Wenn diese Richtlinieneinstellung deaktiviert ist, werden basierend darauf, was der Benutzer in die Adressleiste eingibt, keine Aktionen empfohlen. Wenn diese Richtlinieneinstellung aktiviert oder nicht konfiguriert ist, werden Aktionen empfohlen, die darauf basieren, was der Benutzer in die Adressleiste eingibt. + TLS_DHE_RSA_WITH_AES_128_CBC_SHA + If this policy is disabled, the TLS_DHE_RSA_WITH_AES_128_CBC_SHA cipher is disabled. + +If this policy is enabled or not configured, the TLS_DHE_RSA_WITH_AES_128_CBC_SHA cipher is enabled. + TLS_DHE_RSA_WITH_AES_256_CBC_SHA + If this policy is disabled, the TLS_DHE_RSA_WITH_AES_256_CBC_SHA cipher is disabled. + +If this policy is enabled or not configured, the TLS_DHE_RSA_WITH_AES_256_CBC_SHA cipher is enabled. + TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA + If this policy is disabled, the TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA cipher is disabled. + +If this policy is enabled or not configured, the TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA cipher is enabled. + TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA + If this policy is disabled, the TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA cipher is disabled. + +If this policy is enabled or not configured, the TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA cipher is enabled. + TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 + If this policy is disabled, the TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 cipher is disabled. + +If this policy is enabled or not configured, the TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 cipher is enabled. + TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 + If this policy is disabled, the TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 cipher is disabled. + +If this policy is enabled or not configured, the TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 cipher is enabled. + TLS_RSA_WITH_AES_128_CBC_SHA + If this policy is disabled, the TLS_RSA_WITH_AES_128_CBC_SHA cipher is disabled. + +If this policy is enabled or not configured, the TLS_RSA_WITH_AES_128_CBC_SHA cipher is enabled. + TLS_RSA_WITH_AES_256_CBC_SHA + If this policy is disabled, the TLS_RSA_WITH_AES_256_CBC_SHA cipher is disabled. + +If this policy is enabled or not configured, the TLS_RSA_WITH_AES_256_CBC_SHA cipher is enabled. + TLS_RSA_WITH_3DES_EDE_CBC_SHA + If this policy is disabled, the TLS_RSA_WITH_3DES_EDE_CBC_SHA cipher is disabled. + +If this policy is enabled or not configured, the TLS_RSA_WITH_3DES_EDE_CBC_SHA cipher is enabled. Wenn diese Richtlinieneinstellung aktiviert ist, ist die Einstellung auf true gesperrt. Wenn diese Richtlinieneinstellung deaktiviert ist, ist die Einstellung auf false gesperrt. Für eine Beschreibung der Einstellung, siehe: diff --git a/windows/en-US/firefox.adml b/windows/en-US/firefox.adml index ab98ec6..c44ba4f 100644 --- a/windows/en-US/firefox.adml +++ b/windows/en-US/firefox.adml @@ -45,6 +45,7 @@ Search Preferences User Messaging + Disabled Ciphers Allowed Sites Blocked Sites Application Autoupdate @@ -710,6 +711,42 @@ If this policy is enabled or not configured, Firefox features wil be recommended If this policy is disabled, actions will not be recommended based on what the user types in the URL bar. If this policy is enabled or not configured, actions will be recommended based on what the user types in the URL bar. + TLS_DHE_RSA_WITH_AES_128_CBC_SHA + If this policy is disabled, the TLS_DHE_RSA_WITH_AES_128_CBC_SHA cipher is disabled. + +If this policy is enabled or not configured, the TLS_DHE_RSA_WITH_AES_128_CBC_SHA cipher is enabled. + TLS_DHE_RSA_WITH_AES_256_CBC_SHA + If this policy is disabled, the TLS_DHE_RSA_WITH_AES_256_CBC_SHA cipher is disabled. + +If this policy is enabled or not configured, the TLS_DHE_RSA_WITH_AES_256_CBC_SHA cipher is enabled. + TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA + If this policy is disabled, the TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA cipher is disabled. + +If this policy is enabled or not configured, the TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA cipher is enabled. + TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA + If this policy is disabled, the TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA cipher is disabled. + +If this policy is enabled or not configured, the TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA cipher is enabled. + TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 + If this policy is disabled, the TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 cipher is disabled. + +If this policy is enabled or not configured, the TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 cipher is enabled. + TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 + If this policy is disabled, the TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 cipher is disabled. + +If this policy is enabled or not configured, the TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 cipher is enabled. + TLS_RSA_WITH_AES_128_CBC_SHA + If this policy is disabled, the TLS_RSA_WITH_AES_128_CBC_SHA cipher is disabled. + +If this policy is enabled or not configured, the TLS_RSA_WITH_AES_128_CBC_SHA cipher is enabled. + TLS_RSA_WITH_AES_256_CBC_SHA + If this policy is disabled, the TLS_RSA_WITH_AES_256_CBC_SHA cipher is disabled. + +If this policy is enabled or not configured, the TLS_RSA_WITH_AES_256_CBC_SHA cipher is enabled. + TLS_RSA_WITH_3DES_EDE_CBC_SHA + If this policy is disabled, the TLS_RSA_WITH_3DES_EDE_CBC_SHA cipher is disabled. + +If this policy is enabled or not configured, the TLS_RSA_WITH_3DES_EDE_CBC_SHA cipher is enabled. If this policy is enabled, the preference is locked to true. If this policy is disabled, the preference is locked to false. For a description of the preference, see: diff --git a/windows/es-ES/firefox.adml b/windows/es-ES/firefox.adml index c450a0f..b52ea67 100644 --- a/windows/es-ES/firefox.adml +++ b/windows/es-ES/firefox.adml @@ -45,6 +45,7 @@ Búsqueda Preferencias User Messaging + Disabled Ciphers Sitios permitidos Sitios bloqueados Application Autoupdate @@ -710,6 +711,42 @@ If this policy is enabled or not configured, Firefox features wil be recommended If this policy is disabled, actions will not be recommended based on what the user types in the URL bar. If this policy is enabled or not configured, actions will be recommended based on what the user types in the URL bar. + TLS_DHE_RSA_WITH_AES_128_CBC_SHA + If this policy is disabled, the TLS_DHE_RSA_WITH_AES_128_CBC_SHA cipher is disabled. + +If this policy is enabled or not configured, the TLS_DHE_RSA_WITH_AES_128_CBC_SHA cipher is enabled. + TLS_DHE_RSA_WITH_AES_256_CBC_SHA + If this policy is disabled, the TLS_DHE_RSA_WITH_AES_256_CBC_SHA cipher is disabled. + +If this policy is enabled or not configured, the TLS_DHE_RSA_WITH_AES_256_CBC_SHA cipher is enabled. + TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA + If this policy is disabled, the TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA cipher is disabled. + +If this policy is enabled or not configured, the TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA cipher is enabled. + TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA + If this policy is disabled, the TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA cipher is disabled. + +If this policy is enabled or not configured, the TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA cipher is enabled. + TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 + If this policy is disabled, the TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 cipher is disabled. + +If this policy is enabled or not configured, the TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 cipher is enabled. + TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 + If this policy is disabled, the TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 cipher is disabled. + +If this policy is enabled or not configured, the TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 cipher is enabled. + TLS_RSA_WITH_AES_128_CBC_SHA + If this policy is disabled, the TLS_RSA_WITH_AES_128_CBC_SHA cipher is disabled. + +If this policy is enabled or not configured, the TLS_RSA_WITH_AES_128_CBC_SHA cipher is enabled. + TLS_RSA_WITH_AES_256_CBC_SHA + If this policy is disabled, the TLS_RSA_WITH_AES_256_CBC_SHA cipher is disabled. + +If this policy is enabled or not configured, the TLS_RSA_WITH_AES_256_CBC_SHA cipher is enabled. + TLS_RSA_WITH_3DES_EDE_CBC_SHA + If this policy is disabled, the TLS_RSA_WITH_3DES_EDE_CBC_SHA cipher is disabled. + +If this policy is enabled or not configured, the TLS_RSA_WITH_3DES_EDE_CBC_SHA cipher is enabled. Si esta política está habilitada, la preferencia se bloquea en true. Si esta política está deshabilitada, la preferencia está bloqueada en false. Para una descripción de la preferencia, visite: diff --git a/windows/firefox.admx b/windows/firefox.admx index 4b03aab..f18d859 100644 --- a/windows/firefox.admx +++ b/windows/firefox.admx @@ -97,6 +97,9 @@ + + + @@ -3397,5 +3400,95 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/windows/fr-FR/firefox.adml b/windows/fr-FR/firefox.adml index 18ff353..c951f80 100644 --- a/windows/fr-FR/firefox.adml +++ b/windows/fr-FR/firefox.adml @@ -45,6 +45,7 @@ Recherche Préférences User Messaging + Disabled Ciphers Sites autorisés Sites bloqués Application Autoupdate @@ -710,6 +711,42 @@ If this policy is enabled or not configured, Firefox features wil be recommended If this policy is disabled, actions will not be recommended based on what the user types in the URL bar. If this policy is enabled or not configured, actions will be recommended based on what the user types in the URL bar. + TLS_DHE_RSA_WITH_AES_128_CBC_SHA + If this policy is disabled, the TLS_DHE_RSA_WITH_AES_128_CBC_SHA cipher is disabled. + +If this policy is enabled or not configured, the TLS_DHE_RSA_WITH_AES_128_CBC_SHA cipher is enabled. + TLS_DHE_RSA_WITH_AES_256_CBC_SHA + If this policy is disabled, the TLS_DHE_RSA_WITH_AES_256_CBC_SHA cipher is disabled. + +If this policy is enabled or not configured, the TLS_DHE_RSA_WITH_AES_256_CBC_SHA cipher is enabled. + TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA + If this policy is disabled, the TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA cipher is disabled. + +If this policy is enabled or not configured, the TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA cipher is enabled. + TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA + If this policy is disabled, the TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA cipher is disabled. + +If this policy is enabled or not configured, the TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA cipher is enabled. + TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 + If this policy is disabled, the TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 cipher is disabled. + +If this policy is enabled or not configured, the TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 cipher is enabled. + TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 + If this policy is disabled, the TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 cipher is disabled. + +If this policy is enabled or not configured, the TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 cipher is enabled. + TLS_RSA_WITH_AES_128_CBC_SHA + If this policy is disabled, the TLS_RSA_WITH_AES_128_CBC_SHA cipher is disabled. + +If this policy is enabled or not configured, the TLS_RSA_WITH_AES_128_CBC_SHA cipher is enabled. + TLS_RSA_WITH_AES_256_CBC_SHA + If this policy is disabled, the TLS_RSA_WITH_AES_256_CBC_SHA cipher is disabled. + +If this policy is enabled or not configured, the TLS_RSA_WITH_AES_256_CBC_SHA cipher is enabled. + TLS_RSA_WITH_3DES_EDE_CBC_SHA + If this policy is disabled, the TLS_RSA_WITH_3DES_EDE_CBC_SHA cipher is disabled. + +If this policy is enabled or not configured, the TLS_RSA_WITH_3DES_EDE_CBC_SHA cipher is enabled. If this policy is enabled, the preference is locked to true. If this policy is disabled, the preference is locked to false. For a description of the preference, see: diff --git a/windows/it-IT/firefox.adml b/windows/it-IT/firefox.adml index 1e753c3..b46d4be 100644 --- a/windows/it-IT/firefox.adml +++ b/windows/it-IT/firefox.adml @@ -45,6 +45,7 @@ Ricerca Preferenze Messaggi utente + Disabled Ciphers Siti consentiti Siti bloccati Aggiornamento automatico applicazione @@ -710,6 +711,42 @@ Se questo criterio è abilitato o non configurato, saranno consigliate funzional Se questo criterio è disabilitato, non saranno consigliate azioni basate su quanto l'utente ha digitato nella barra degli indirizzi. Se questo criterio è abilitato o non configurato, saranno consigliate azioni basate su quanto l'utente ha digitato nella barra degli indirizzi. + TLS_DHE_RSA_WITH_AES_128_CBC_SHA + If this policy is disabled, the TLS_DHE_RSA_WITH_AES_128_CBC_SHA cipher is disabled. + +If this policy is enabled or not configured, the TLS_DHE_RSA_WITH_AES_128_CBC_SHA cipher is enabled. + TLS_DHE_RSA_WITH_AES_256_CBC_SHA + If this policy is disabled, the TLS_DHE_RSA_WITH_AES_256_CBC_SHA cipher is disabled. + +If this policy is enabled or not configured, the TLS_DHE_RSA_WITH_AES_256_CBC_SHA cipher is enabled. + TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA + If this policy is disabled, the TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA cipher is disabled. + +If this policy is enabled or not configured, the TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA cipher is enabled. + TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA + If this policy is disabled, the TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA cipher is disabled. + +If this policy is enabled or not configured, the TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA cipher is enabled. + TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 + If this policy is disabled, the TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 cipher is disabled. + +If this policy is enabled or not configured, the TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 cipher is enabled. + TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 + If this policy is disabled, the TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 cipher is disabled. + +If this policy is enabled or not configured, the TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 cipher is enabled. + TLS_RSA_WITH_AES_128_CBC_SHA + If this policy is disabled, the TLS_RSA_WITH_AES_128_CBC_SHA cipher is disabled. + +If this policy is enabled or not configured, the TLS_RSA_WITH_AES_128_CBC_SHA cipher is enabled. + TLS_RSA_WITH_AES_256_CBC_SHA + If this policy is disabled, the TLS_RSA_WITH_AES_256_CBC_SHA cipher is disabled. + +If this policy is enabled or not configured, the TLS_RSA_WITH_AES_256_CBC_SHA cipher is enabled. + TLS_RSA_WITH_3DES_EDE_CBC_SHA + If this policy is disabled, the TLS_RSA_WITH_3DES_EDE_CBC_SHA cipher is disabled. + +If this policy is enabled or not configured, the TLS_RSA_WITH_3DES_EDE_CBC_SHA cipher is enabled. Se questo criterio è abilitato, la preferenza è impostata a Vero e resa non modificabile. Se questo criterio è disabilitato, la preferenza è impostata a Falso e resa non modificabile. Per una descrizione della preferenza, si veda: diff --git a/windows/zh-TW/firefox.adml b/windows/zh-TW/firefox.adml index ce0e5b2..7c07f39 100644 --- a/windows/zh-TW/firefox.adml +++ b/windows/zh-TW/firefox.adml @@ -45,6 +45,7 @@ 搜尋 偏好設定 顯示給使用者的訊息 + Disabled Ciphers 允許的網站 封鎖的網站 應用程式自動更新 @@ -708,6 +709,42 @@ Mozilla 建議您不要停用 Telemetry。透過 Telemetry 收集到的資訊可 若停用此原則,將不會在使用者在網址列輸入時推薦操作行為。 若啟用或不設定此原則,則會根據使用者在網址列輸入的內容推薦操作行為。 + TLS_DHE_RSA_WITH_AES_128_CBC_SHA + If this policy is disabled, the TLS_DHE_RSA_WITH_AES_128_CBC_SHA cipher is disabled. + +If this policy is enabled or not configured, the TLS_DHE_RSA_WITH_AES_128_CBC_SHA cipher is enabled. + TLS_DHE_RSA_WITH_AES_256_CBC_SHA + If this policy is disabled, the TLS_DHE_RSA_WITH_AES_256_CBC_SHA cipher is disabled. + +If this policy is enabled or not configured, the TLS_DHE_RSA_WITH_AES_256_CBC_SHA cipher is enabled. + TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA + If this policy is disabled, the TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA cipher is disabled. + +If this policy is enabled or not configured, the TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA cipher is enabled. + TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA + If this policy is disabled, the TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA cipher is disabled. + +If this policy is enabled or not configured, the TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA cipher is enabled. + TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 + If this policy is disabled, the TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 cipher is disabled. + +If this policy is enabled or not configured, the TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 cipher is enabled. + TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 + If this policy is disabled, the TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 cipher is disabled. + +If this policy is enabled or not configured, the TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 cipher is enabled. + TLS_RSA_WITH_AES_128_CBC_SHA + If this policy is disabled, the TLS_RSA_WITH_AES_128_CBC_SHA cipher is disabled. + +If this policy is enabled or not configured, the TLS_RSA_WITH_AES_128_CBC_SHA cipher is enabled. + TLS_RSA_WITH_AES_256_CBC_SHA + If this policy is disabled, the TLS_RSA_WITH_AES_256_CBC_SHA cipher is disabled. + +If this policy is enabled or not configured, the TLS_RSA_WITH_AES_256_CBC_SHA cipher is enabled. + TLS_RSA_WITH_3DES_EDE_CBC_SHA + If this policy is disabled, the TLS_RSA_WITH_3DES_EDE_CBC_SHA cipher is disabled. + +If this policy is enabled or not configured, the TLS_RSA_WITH_3DES_EDE_CBC_SHA cipher is enabled. 若啟用此原則,偏好設定將鎖定為 true。若停用此原則,偏好設定則鎖定為 false。 若需要偏好設定的詳細說明,請參考: -- 2.34.1