Enable HPKP for Phonebook.m.o

RESOLVED FIXED

Status

Webtools
Phonebook
RESOLVED FIXED
a year ago
a year ago

People

(Reporter: atoll, Unassigned)

Tracking

Trunk
Dependency tree / graph

Firefox Tracking Flags

(Not tracked)

Details

(Reporter)

Description

a year ago
Let's enable 15-day HPKP for Phonebook.
(Reporter)

Comment 1

a year ago
DigiCert SHA2 Secure Server CA: pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="
Depends on: 1304801
(Reporter)

Comment 2

a year ago
phonebook.mozilla.org: pin-sha256="zSvnhQdjmYpQNahZ5voq6EGaNgaT0ElRiy+mzBD7p+k="

Let’s Encrypt Authority X3: pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="
Let’s Encrypt Authority X4: pin-sha256="sRHdihwgkaib1P1gxX8HFszlD+7/gTfNvuAybgLPNis="

Final HPKP testing header, compiled from the above hashes:

Header always set Public-Key-Pins-Report-Only "max-age=10; pin-sha256=\"zSvnhQdjmYpQNahZ5voq6EGaNgaT0ElRiy+mzBD7p+k=\"; pin-sh  a256=\"5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w=\"; pin-sha256=\"YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg=\"; pin-sha256=\"s  RHdihwgkaib1P1gxX8HFszlD+7/gTfNvuAybgLPNis=\""
(Reporter)

Comment 3

a year ago
(once again, sans whitespace copy-space drama)

Header always set Public-Key-Pins-Report-Only "max-age=10; pin-sha256=\"zSvnhQdjmYpQNahZ5voq6EGaNgaT0ElRiy+mzBD7p+k=\"; pin-sha256=\"5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w=\"; pin-sha256=\"YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg=\"; pin-sha256=\"sRHdihwgkaib1P1gxX8HFszlD+7/gTfNvuAybgLPNis=\""
(Reporter)

Comment 4

a year ago
Deployed to dev/stage, verified, raised to max-age=3600. Long-term testing begins.
(Reporter)

Comment 5

a year ago
Raised dev/stage to 1296000.
(Reporter)

Comment 6

a year ago
Enabled prod for max-age=3600. Pausing to verify results. CHG0010835
(Reporter)

Updated

a year ago
Status: NEW → RESOLVED
Last Resolved: a year ago
Resolution: --- → FIXED
(Reporter)

Updated

a year ago
Blocks: 1313537
You need to log in before you can comment on or make changes to this bug.