Closed
Bug 1367614
Opened 7 years ago
Closed 7 years ago
Firefox incorrectly connects to site with invalid SCT.
Categories
(Core :: Security: PSM, defect)
Tracking
()
RESOLVED
INVALID
People
(Reporter: WdFCRTsSDyWZ, Unassigned)
Details
User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:55.0) Gecko/20100101 Firefox/55.0 Build ID: 20170523030206 Steps to reproduce: Point Firefox to site: https://invalid-expected-sct.badssl.com/ Actual results: Firefox connects. Expected results: Firefox should have refused to connect because the SCT (Signed Certificate Timestamp) is invalid.
Firefox has not shipped support for CT yet.
Status: UNCONFIRMED → RESOLVED
Closed: 7 years ago
Resolution: --- → INVALID
You need to log in
before you can comment on or make changes to this bug.
Description
•