Mozilla Dials Back on Firefox Opportunistic Encryption
Mozilla has had a change of heart regarding opportunistic encryption—for now. The company rolled out its open-source Firefox 37 Web browser on March 31, with one of the key new features being a capability known as opportunistic encryption. However, due to a security issue related to opportunistic encryption, Mozilla disabled the feature in the Firefox 37.0.1 update released April 3.
The security issue is located in Mozilla’s HTTP Alternative Services (Alt-Svc) implementation, which is connected to the opportunistic encryption capability.