/* Certificates and trust */ /* Disable OCSP, which checks for certificate revocation by sending * your browser history to a third-party. I think this leaves stapling * enabled, which is what we should be using anyway. Not that I believe * in the CA infrastructure to begin with! * * WARNING: of all the preferences set in this file, this one is likely * the most controversial. * * References: * * 1. https://en.wikipedia.org/wiki/Online_Certificate_Status_Protocol * 2. https://blog.mozilla.org/security/2013/07/29/ocsp-stapling-in-firefox/ * */ user_pref("security.OCSP.enabled", 0);