Closed
Bug 1330446
Opened 7 years ago
Closed 7 years ago
Ensure that the HPKP pinning expiration for Firefox 51 is after the release of Firefox 52
Categories
(Core :: Security: PSM, defect, P1)
Core
Security: PSM
Tracking
()
RESOLVED
FIXED
mozilla51
Tracking | Status | |
---|---|---|
firefox51 | --- | fixed |
People
(Reporter: jcj, Assigned: jcj)
References
Details
Attachments
(1 file)
2.29 KB,
patch
|
keeler
:
review+
gchang
:
approval-mozilla-beta+
|
Details | Diff | Splinter Review |
+++ This bug was initially created as a clone of Bug #1307530 +++ [Tracking Requested - why for this release]: Possible MITM issue if not done before Fx51 ships. The core issue for Bug #1307530 is not resolved, so this bug is to do the same thing again for Fx51. The expiry timestamp currently in beta [1] is for 19 February 2017 @ 2:02pm (UTC), or 16 days *prior* to the scheduled release of 52. Last time we extended the expiration to {release date}+21 days. Doing that again would be 28 March 2017, or timestamp=1490659200 . [1] https://hg.mozilla.org/releases/mozilla-beta/file/tip/security/manager/ssl/StaticHPKPins.h#l1167
Assignee | ||
Comment 1•7 years ago
|
||
Attachment #8825976 -
Flags: review?(dkeeler)
Attachment #8825976 -
Flags: review?(dkeeler) → review+
Assignee | ||
Comment 2•7 years ago
|
||
Comment on attachment 8825976 [details] [diff] [review] Bump the HPKP and HSTS expiration dates to 28 March 2017 [Feature/Bug causing the regression]: Repeat of Bug 1307530 [User impact if declined]: Possible MITM issue if not done before Fx51 ships. This is pretty much the same as the pushes to nightly / aurora to move the expiry timestamp forward with a=hsts-update (etc). (NIs per ritu's instructions on IRC.)
Flags: needinfo?(lhenry)
Flags: needinfo?(gchang)
Attachment #8825976 -
Flags: approval-mozilla-beta?
Updated•7 years ago
|
status-firefox51:
--- → affected
Flags: needinfo?(gchang)
Comment 3•7 years ago
|
||
Comment on attachment 8825976 [details] [diff] [review] Bump the HPKP and HSTS expiration dates to 28 March 2017 Bump the expiration date to avoid possible MITM issue. Beta51+. Should be in 51 Beta 14.
Attachment #8825976 -
Flags: approval-mozilla-beta? → approval-mozilla-beta+
Comment 4•7 years ago
|
||
bugherder uplift |
https://hg.mozilla.org/releases/mozilla-beta/rev/ef723be83d31
Updated•7 years ago
|
Status: ASSIGNED → RESOLVED
Closed: 7 years ago
Flags: needinfo?(lhenry)
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•