Open Bug 1102589 Opened 5 years ago Updated 2 years ago

refactor the relationship between nsSiteSecurityService and PublicKeyPinningService

Categories

(Core :: Security: PSM, defect, P5)

defect

Tracking

()

People

(Reporter: keeler, Unassigned)

References

Details

(Whiteboard: [psm-cleanup])

nsSiteSecurityService calls into PublicKeyPinningService to determine the validity of new HPKP (i.e. dynamic) pins. PublicKeyPinningService calls into nsSiteSecurityService when verifying certificate chains to see if a site has any dynamic pins.
We should sort out this circular dependency. My thinking at the moment is that it makes the most sense to put all of the functionality in nsSiteSecurityService and have that be a single entry-point for any external uses of it.
Whiteboard: [psm-cleanup]
Priority: -- → P5
You need to log in before you can comment on or make changes to this bug.