Closed Bug 1120446 Opened 5 years ago Closed 2 years ago

Stale pins might live too long with local clock in the future

Categories

(Core :: Security: PSM, defect)


RESOLVED WONTFIX

People

(Reporter: ttaubert, Unassigned)

Details

(Whiteboard: [psm-backlog])

When a user's machine has a wrongly set date that is, let's say, a year in the future, then even a pin with max-age=86400*30 (a month) might last "1 year and a month" in case the user's machine succeeds in correcting the date in this first month manually or via NTP or the like.

I don't think this is a common problem but blocking a user from accessing a host by keeping a stale pin around for longer than desired is tough to debug.

An easy fix might be to record the SiteHPKPState creation time and save that to disk as well. When loading pins we could simply discard the ones created in the future.
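
The load-time check proposed in the comment above, sketched as an added example (not code from the bug or from Firefox). `PinEntry`, `notePin`, `loadPins` and the host names are hypothetical, and the timestamps are constructed.

```cpp
// Added illustration; PinEntry, notePin and loadPins are hypothetical names,
// not Firefox's SiteHPKPState implementation.
#include <cstdint>
#include <string>
#include <vector>

struct PinEntry {
    std::string host;
    int64_t createdMs;  // local clock when the pin was noted (the proposed extra field)
    int64_t expiresMs;  // createdMs + max-age, computed once at creation time
};

constexpr int64_t kDayMs = 86400LL * 1000;

// Record a pin the way a client would on seeing the header at local time nowMs.
PinEntry notePin(const std::string& host, int64_t nowMs, int64_t maxAgeSec) {
    return PinEntry{host, nowMs, nowMs + maxAgeSec * 1000};
}

// Load persisted pins, keeping only those that are unexpired AND whose
// creation time is not ahead of the current clock.
std::vector<PinEntry> loadPins(const std::vector<PinEntry>& stored, int64_t nowMs) {
    std::vector<PinEntry> kept;
    for (const PinEntry& p : stored) {
        if (p.createdMs > nowMs) continue;   // created "in the future": clock was wrong then
        if (p.expiresMs <= nowMs) continue;  // ordinary max-age expiry
        kept.push_back(p);
    }
    return kept;
}

// Constructed scenario: one pin noted with the clock a year ahead, one normal, one expired.
std::vector<PinEntry> demo() {
    const int64_t realNow = 1420070400000LL;         // constructed: 2015-01-01T00:00:00Z
    const int64_t skewed = realNow + 365 * kDayMs;   // local clock one year in the future
    std::vector<PinEntry> stored = {
        notePin("skewed.example", skewed, 86400 * 30),
        notePin("normal.example", realNow - kDayMs, 86400 * 30),
        notePin("expired.example", realNow - 60 * kDayMs, 86400 * 30),
    };
    return loadPins(stored, realNow + 7 * kDayMs);   // clock corrected a week later
}

int main() {
    return demo().size() == 1 ? 0 : 1;
}
```

Without the `createdMs` comparison, the `skewed.example` entry would pass the expiry test for roughly 13 months after the clock is corrected. The check cannot catch a pin that is loaded while the clock is still wrong, since its creation time then looks normal.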
(In reply to Tim Taubert [:ttaubert] from comment #1)
> https://code.google.com/p/chromium/issues/detail?id=445760

This was wontfixed with the reasoning that if the system clock is too far in the future, many things will go wrong. I agree.

Status: NEW → RESOLVED
Closed: 2 years ago
Resolution: --- → WONTFIX