1423727 - CCADB entries generated 2017-12-06T21:36:32Z

Status: RESOLVED FIXED

(Core :: Security Block-lists, Allow-lists, and other State, enhancement)

Comment 1

[omphalos]

Attachment: Intermediates to be revoked

Revocations data for new records

Comment 2

[omphalos]

Attachment: existing and new revocations in the form of a revocations.txt file

Revocations data for new and existing records

Comment 3

[J.C. Jones [:jcj] (he/they)]

 → cat expected-bug1423239 expected-bug1423727 > expected2
 → python3 kinto-blacklist-entry-checker.py -e expected2
LDAP account password for jjones@mozilla.com:
Password:

Evaluating expected file = 'expected2'

Results:
Pending Kinto Dataset (Found): 603
Added Entries (Expected): 40
[GOOD] Expected But Not Pending (Not Found): 0
Deleted: 0
[GOOD] Entries In Production But Lost Without Being Deleted (Missing): 0

[GOOD] The Expected file matches the change between the staged Kinto and production.
[GOOD] The Kinto dataset found at production equals the union of the expected file and the live list.
Nothing not found.
Nothing deleted.

Comment 4

[J.C. Jones [:jcj] (he/they)]

Signed and pushed.

Comment 5

[Kathleen Wilson]

Comment on attachment 8935128 [details]
Intermediates to be revoked

These are the correct entries to add.

Comment 6

[Kathleen Wilson]

Comment on attachment 8935129 [details]
existing and new revocations in the form of a revocations.txt file

No need to do compat testing for these revoked end-entity certs.  

Thanks!

Comment 7

[Kathleen Wilson]

I confirm that these have been added to OneCRL. Thanks!

Comment 8

[Matt Wobensmith [:mwobensmith][:matt:]]

Comment on attachment 8935129 [details]
existing and new revocations in the form of a revocations.txt file

Canary run did not find any regressions from list of ~490k top sites.

Comment 9

[BMO Automation]

Moving bug to Core::Security Block-lists, Allow-lists, and other State.