un-disable unrestricted RC4 fallback in 43

RESOLVED FIXED

Status

()

defect
RESOLVED FIXED
4 years ago
4 years ago

People

(Reporter: keeler, Assigned: keeler)

Tracking

({dev-doc-complete, site-compat})

43 Branch
Points:
---
Dependency tree / graph

Firefox Tracking Flags

(firefox43+ fixed)

Details

Attachments

(1 attachment)

Bug 1201024 disabled unrestricted RC4 fallback (leaving only whitelisted sites enabled for fallback on release builds) in 43. Unfortunately, since we don't have the necessary "try again with outdated security" UX yet, we can't ship that.
Assignee: nobody → dkeeler
Status: NEW → ASSIGNED
Attachment #8665015 - Flags: review?(jjones)
Comment on attachment 8665015 [details] [diff] [review]
patch for aurora

Review of attachment 8665015 [details] [diff] [review]:
-----------------------------------------------------------------

That looks safe to me.
Attachment #8665015 - Flags: review?(jjones) → review+
Comment on attachment 8665015 [details] [diff] [review]
patch for aurora

Approval Request Comment
[Feature/regressing bug #]: disabling RC4 fallback / bug 1201024
[User impact if declined]: release/beta users will not be able to access sites that require RC4 until something like bug 1207137 has been implemented
[Describe test coverage new/current, TreeHerder]: not exactly applicable - we have tests for RC4 fallback. This just changes a default pref value on release builds
[Risks and why]: low - this patch basically reverts the patch in bug 1201024
[String/UUID change made/needed]: none
Attachment #8665015 - Flags: approval-mozilla-aurora?
Comment on attachment 8665015 [details] [diff] [review]
patch for aurora

Approved for uplift to aurora.
Attachment #8665015 - Flags: approval-mozilla-aurora? → approval-mozilla-aurora+
https://hg.mozilla.org/releases/mozilla-aurora/rev/0bb47dc85ea8
Status: ASSIGNED → RESOLVED
Closed: 4 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.