Closed
Bug 1228451
Opened 9 years ago
Closed 9 years ago
Set the short-lived lifetime to the max OCSP response lifetime
Categories
(Core :: Security: PSM, defect)
Core
Security: PSM
Tracking
()
RESOLVED
FIXED
mozilla45
| Tracking | Status | |
|---|---|---|
| firefox45 | --- | fixed |
People
(Reporter: mgoodwin, Assigned: mgoodwin)
Details
Attachments
(1 file)
The maximum OCSP response lifetime is 10 days.
|
Assignee | |
Comment 1•9 years ago
|
||
Bug 1228451 - Set short-lived cert lifetime to the max OCSP response lifetime. r?keeler
Attachment #8692675 -
Flags: review?(dkeeler)
|
||
Comment 2•9 years ago
|
||
Comment on attachment 8692675 [details]
MozReview Request: Bug 1228451 - Set short-lived cert lifetime to the max OCSP response lifetime. r?keeler
https://reviewboard.mozilla.org/r/26301/#review24035
::: modules/libpref/init/all.js:1999
(Diff revision 1)
> +pref("security.pki.cert_short_lifetime_in_days", 10);
Hmmm - it looks like the TLS/PKI security prefs are split between this file and netwerk/base/security-prefs.js (with most of them being in the latter). I think it would be best if they were in one place, so let's put this pref in security-prefs.js and move the rest of them in a follow-up bug.
Attachment #8692675 -
Flags: review?(dkeeler) → review+
|
|
Assignee | |
Comment 3•9 years ago
|
||
|
|
Assignee | |
Comment 4•9 years ago
|
||
https://hg.mozilla.org/integration/mozilla-inbound/rev/ed2b80d144f9eaf50d68cfeb68d613671ef5eb52
Bug 1228451 - Set short-lived cert lifetime to the max OCSP response lifetime. r=keeler
|
||
Comment 5•9 years ago
|
||
| bugherder | ||
Status: NEW → RESOLVED
Closed: 9 years ago
status-firefox45:
--- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla45
You need to log in
before you can comment on or make changes to this bug.
Description
•