Closed
Bug 1006107
Opened 10 years ago
Closed 10 years ago
Set enforcement level for pinning to zero and setup pinning for *.addons.mozilla.org
Categories
(Core :: Security: PSM, defect)
RESOLVED
FIXED
mozilla32
People
(Reporter: cviecco, Assigned: cviecco)
Attachments
(1 file, 1 obsolete file)
9.01 KB, patch | cviecco: review+
After today's meeting we agreed on:
1. Make the pinning pref not hidden.
2. Change the default from 1 (enable mitm) to 0 (pinning disabled).
3. Put the addons site pins back on (and include use mozilla_cdn as the pinning info).
Assignee
Comment 1•10 years ago
Assignee
Updated•10 years ago
Attachment #8417600 - Flags: review?(dkeeler)
Assignee
Updated•10 years ago
Assignee: nobody → cviecco
Comment on attachment 8417600 [details] [diff] [review] set-addons-pinn-and-pref-to-disabled Review of attachment 8417600 [details] [diff] [review]: ----------------------------------------------------------------- Great - r=me with comments addressed. ::: security/manager/tools/PreloadedHPKPins.json @@ +25,5 @@ > // equifax -> aus3 > // Geotrust Primary -> www.mozilla.org > // Geotrust Global -> *. addons.mozilla.org > > +// From bug 772756, mozilla uses GeoTrust, Digicert and Thawte Put this documentation next to the declaration of the pinset itself. @@ +30,5 @@ > // geotrust ca info: http://www.geotrust.com/resources/root-certificates/index.html > { > "pinsets": [ > { > "name": "mozilla", If we're not using this pinset, let's remove it. In fact, let's remove this pinset and call the other one "mozilla". @@ +93,5 @@ > } > ], > > "entries": [ > + // from bug 1005653 we learned that addon subdomains include cdn sites I'm not sure this comment is helpful in the long run.
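Review bot: In the first hunk (@@ +25,5 @@), the added comment "From bug 772756, mozilla uses GeoTrust, Digicert and Thawte" names Digicert and Thawte, but the mapping lines directly above it give hosts only for equifax and the two Geotrust roots. Say which hosts chain to Digicert and Thawte, in the same "CA -> host" form as the existing lines, so a reader can tell which pinned keys each entry depends on when a certificate is reissued.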
Attachment #8417600 - Flags: review?(dkeeler) → review+
Assignee
Comment 3•10 years ago
Keeping r+ from keeler
Attachment #8417600 - Attachment is obsolete: true
Attachment #8417643 - Flags: review+
https://hg.mozilla.org/mozilla-central/rev/6e1d2f5b54e3
Status: NEW → RESOLVED
Closed: 10 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla32
Updated•10 years ago
Summary: Set enforcement level for pining to zero and setup pinning for *.addons.mozilla.org → Set enforcement level for pinning to zero and setup pinning for *.addons.mozilla.org