Open
Bug 1341397
Opened 7 years ago
Updated 2 years ago
Distribute binary transparency information with releases
Categories
(Firefox :: Security, defect, P3)
Firefox
Security
Tracking
()
NEW
People
(Reporter: rbarnes, Unassigned)
References
(Blocks 1 open bug)
Details
For each release, need to provide: * Certificate including a Merkle tree head for the release * Proof that the certificate has been publicly logged (Inclusion proof / SCT) For each file in the release, need to provide: * Inclusion proof to the Merkle tree head
|
Reporter | |
Updated•7 years ago
|
Blocks: BinaryTransparency
|
||
Updated•7 years ago
|
Priority: -- → P3
|
||
Comment 1•6 years ago
|
||
Is the intention that these things need to be in the releases directory, like https://archive.mozilla.org/pub/firefox/releases/59.0.1/ ? The inclusion proofs are present in SHA256SUMMARY.
|
||
Comment 2•6 years ago
|
||
I think it would be great if we could include the x509 cert (the full chain, just one file). That would be really convenient. But the rest, no we don't need to put those in the release directory. I think the intent for this bug was to document what we needed to include in the update.xml file.
|
||
Updated•2 years ago
|
Severity: normal → S3
You need to log in
before you can comment on or make changes to this bug.
Description
•