Closed
Bug 1282008
Opened 8 years ago
Closed 8 years ago
update the CNNIC whitelist to remove certificates that have expired since they were put on the list
Categories
(Core :: Security: PSM, defect, P1)
Core
Security: PSM
Tracking
()
RESOLVED
FIXED
mozilla52
Tracking | Status | |
---|---|---|
firefox52 | --- | fixed |
People
(Reporter: xidorn, Assigned: keeler)
References
Details
(Whiteboard: [psm-assigned])
Attachments
(1 file)
It seems to me that whitelist currently takes ~45KB codesize. The last update of that file is over a year ago, which indicates that more certificates inside may have expired. I don't have the list of certificates, so I have no idea how much would it save. Also I guess we can probably just remove the whole whitelist and disable CNNIC root directly for Fennec. I don't really believe that could have a big impact.
Assignee | ||
Updated•8 years ago
|
Component: Security → Security: PSM
Priority: -- → P2
Whiteboard: [psm-backlog]
Assignee | ||
Comment 1•8 years ago
|
||
This change will remove about 2/3 of the certificates on the list. Since there doesn't seem to be a huge drive towards disabling the list and root on Firefox for Android, I'll let that be dealt with separately if it's considered necessary.
Assignee: nobody → dkeeler
Priority: P2 → P1
Summary: Consider update CNNIC whitelist and probably disable that for Fennec → update the CNNIC whitelist to remove certificates that have expired since they were put on the list
Assignee | ||
Updated•8 years ago
|
Whiteboard: [psm-backlog] → [psm-assigned]
Comment hidden (mozreview-request) |
Comment 3•8 years ago
|
||
mozreview-review |
Comment on attachment 8798614 [details] bug 1282008 - update CNNIC whitelist to remove expired certificates https://reviewboard.mozilla.org/r/84022/#review82940
Attachment #8798614 -
Flags: review?(rlb) → review+
Pushed by dkeeler@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/96f862cb3d91 update CNNIC whitelist to remove expired certificates r=rbarnes
Comment 5•8 years ago
|
||
bugherder |
https://hg.mozilla.org/mozilla-central/rev/96f862cb3d91
Status: NEW → RESOLVED
Closed: 8 years ago
status-firefox52:
--- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla52
You need to log in
before you can comment on or make changes to this bug.
Description
•