Closed Bug 1138716 Opened 9 years ago Closed 9 years ago

Regenerate PSM data structures affected by February 2015 batch of root changes

Categories

(Core :: Security: PSM, defect)

Product:
Core
Component:
Security: PSM
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED FIXED
Milestone:
mozilla39
Tracking Flags:
Tracking Status
firefox38 --- fixed
firefox39 --- fixed

People

(Reporter: kathleen.a.wilson, Assigned: keeler)

References

Details

Attachments

(1 file)

patch
8.68 KB, patch
mmc
: review+
Sylvestre
: approval-mozilla-aurora+
Details | Diff | Splinter Review 
Please regenerate the pinning list and notify the corresponding site operators regarding the February 2015 batch of root changes in Bug #1132496

In particular, the following root certificates will either be removed or have their websites trust bit turned off.

Bug #986019
Equifax Secure Certificate Authority
Equifax Secure Global eBusiness CA-1

Bug #1105374
TC TrustCenter Class 3 CA II
AFAICT, the pinning list will automatically pick up the correct changes (no pinsets used the roots that were removed). There are other data structures that need to be updated, however (namely, the root-related telemetry).
Summary: Regenerate Pinning list due to February 2015 batch of root changes → Regenerate PSM data structures affected by February 2015 batch of root changes
Attached patch patchSplinter Review 
Assignee: nobody → dkeeler
Status: NEW → ASSIGNED

        Attachment #8581772 -
        Flags: review?(mmc)

        Attachment #8581772 -
        Flags: review?(mmc) → review+

    
    

    
  
https://hg.mozilla.org/mozilla-central/rev/bcebc84e7238
Status: ASSIGNED → RESOLVED
Closed: 9 years ago

          status-firefox39:
          affectedfixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla39

    
    

    
  
Comment on attachment 8581772 [details] [diff] [review]
patch

Approval Request Comment
[Feature/regressing bug #]: February 2015 root changes (bug 1132496)
[User impact if declined]: root CA telemetry will be inaccurate
[Describe test coverage new/current, TreeHerder]: n/a
[Risks and why]: low
[String/UUID change made/needed]: none

        Attachment #8581772 -
        Flags: approval-mozilla-aurora?

        Attachment #8581772 -
        Flags: approval-mozilla-aurora? → approval-mozilla-aurora+

          You need to log in
          before you can comment on or make changes to this bug.
        






  

    
  







  

    

      
Attachment

      

      
      
      
      
    

    

      

        

          

            
General

            

              Creator: 



            

            
Created: 

            
Updated: 

            
Size: