1220 security.nocertdb clarify & add warning

2025-11-04 07:45:26 +01:00 · 2017-02-23 03:32:09 +13:00
parent 49d8b9f6d6
commit 3af7679932
1 changed files with 4 additions and 2 deletions
--- a/user.js
+++ b/user.js
@@ -58,6 +58,7 @@
   1210: disable 1024-DH Encryption
   1211: disable SHA-1
   1212: disable SSL session tracking
+   1220: security.nocertdb
   1401 & 1406: browser.display.use_document_fonts <font color=#ff3333>[author blocked fonts]</font>
   1404: default fonts <font color=#ff3333>[author changed default fonts]</font>
   1805: plugin.scan.plid.all <font color=#ff3333>[author blocked all plugins]</font>
@@ -661,8 +662,9 @@ user_pref("security.mixed_content.use_hsts", false);
   // recommended left inactive and at default, unless you fully understand the risks and trade-offs
   // user_pref("network.stricttransportsecurity.preloadlist", false);
 // 1220: disable intermediate certificate caching (fingerprinting attack vector)
-   // NOTE: This affects login/cert/key dbs. AFAIK the only effect is all active logins start anew
-   // per session. This may be better handled under FPI (ticket 1323644, part of Tor Uplift)
+   // NOTE: This may be better handled under FPI (ticket 1323644, part of Tor Uplift)
+   // WARNING: This affects login/cert/key dbs You will lose all credentials as they are now
+   // session-only. To be clear, you will lose all your saved passwords and login user names
   // https://bugzilla.mozilla.org/show_bug.cgi?id=1334485 // related bug
   // https://bugzilla.mozilla.org/show_bug.cgi?id=1216882 // related bug (see comment 9)
   // user_pref("security.nocertdb", true); // (hidden pref)