caption: Enable DHE cipher suites in TLS
deprecated: true
desc: |-
This policy was removed in M58 after DHE was removed from <ph name="PRODUCT_NAME">$1<ex>Google Chrome</ex></ph>.
If the policy is not set, or is set to false, then DHE cipher suites in TLS will not be enabled. Otherwise it may be set to true to enable DHE cipher suites and retain compatibility with an outdated server. This is a stopgap measure and the server should be reconfigured.
Servers are encouraged to migrated to ECDHE cipher suites. If these are unavailable, ensure a cipher suite using RSA key exchange is enabled.
example_value: false
features:
dynamic_refresh: true
per_profile: false
owners:
- file://crypto/OWNERS
- [email protected]
schema:
type: boolean
supported_on:
- chrome.*:53-57
- chrome_os:53-57
- android:53-57
tags:
- system-security
type: main
Codebase Browser
chromium