diff --git a/librewolf.cfg b/librewolf.cfg
index 7497440..3ffa35b 100755
--- a/librewolf.cfg
+++ b/librewolf.cfg
@@ -102,11 +102,9 @@ defaultPref("network.auth.subresource-http-auth-allow", 1); // block HTTP authen
 defaultPref("network.http.referer.XOriginTrimmingPolicy", 2);
 
 /** [SECTION] WEBRTC
- * there's no point in disabling webrtc as mDNS protects the private IP on linux, osx and win10+.
- * with the below preference we protect the value even in trusted environments and for win7/8 users,
- * although this will likely cause breakage.
+ * there is no point in disabling webrtc as mDNS protects the private IP on linux, osx and win10+.
+ * the private IP address is only used in trusted environments, eg. allowed camera and mic access.
  */
-defaultPref("media.peerconnection.ice.no_host", true); // don't use any private IPs for ICE candidate
 defaultPref("media.peerconnection.ice.default_address_only", true); // use a single interface for ICE candidates, the vpn one when a vpn is used
 
 /** [SECTION] PROXY */
@@ -191,7 +189,7 @@ defaultPref("security.OCSP.require", true); // set to hard-fail, might cause SEC
 
 /** [SECTION] TLS/SSL */
 pref("security.tls.enable_0rtt_data", false); // disable 0 RTT to improve tls 1.3 security
-pref("security.tls.version.enable-deprecated", false); // make TLS downgrades session only by enforcing it with pref()
+pref("security.tls.version.enable-deprecated", false); // make TLS downgrades session only by enforcing it with pref(), default
 defaultPref("browser.xul.error_pages.expert_bad_cert", true); // show relevant and advanced issues on warnings and error screens
 
 /** [SECTION] PERMISSIONS */