Closed Bug 1047274 Opened 10 years ago Closed 8 years ago

Need revocation for add-on signing certificates

Categories

(Core :: Security: PSM, defect)

Product:
Core
Component:
Security: PSM
Platform:
x86_64
Windows 7
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED WONTFIX

People

(Reporter: dveditz, Unassigned)

References

Details

We can always blocklist a bad add-on, but we also need to be able to revoke the signing certificates used to sign them. If a developer leaks their private key we don't want to punish all that developers current users by blocking a perfectly good add-on, we simply want to prevent someone else from mis-using the cert.
Is this still something we need?
Flags: needinfo?(dveditz)
We can put this in a (much) later phase. If we do all the signing ourselves then blocking the add-on (by version if appropriate) is effectively equivalent to revoking the cert. We'd only have to worry about long-lived certs that might get stolen, such as the hotfix add-on.

If we ever progress to the point of issuing certificates to external folks then yes, we would want this. I expect we would piggy-back on the "OneCRL" mechanism mgoodwin created.
Flags: needinfo?(dveditz)
we closed bug 1047269 as won't fix.  reopen this if we reopen that.
Status: NEW → RESOLVED
Closed: 8 years ago
Resolution: --- → WONTFIX
See Also: → 1047269
You need to log in before you can comment on or make changes to this bug.