Closed Bug 1427957 Opened 2 years ago Closed 2 years ago

Make sure the HPKP/HSTS preload expiration dates are accurate for Firefox 59


(Core :: Security: PSM, enhancement, P1)

59 Branch



Tracking Status
firefox59 blocking fixed
firefox60 --- unaffected


(Reporter: RyanVM, Assigned: keeler)



(Whiteboard: [psm-assigned])


(1 file)

+++ This bug was initially created as a clone of Bug #1412331 +++

Confirm and patch security/manager/ssl/StaticHPKPins.h and security/manager/ssl/ in 58 to have sufficient lifetime on the preloaded HPKP and STS pins.

Going off past precedents, we'll want an expiration date of around 2018-07-03 to coincide with the release of Firefox 61 (though that should be confirmed closer to the time of landing the patch in case of schedule changes).
Version: 58 Branch → 59 Branch
Right now, we have 2018-06-26 as the release date for Firefox 61 on the release scheduling calendar and 2018-07-03 on the wiki: I'll have to go over the calendar again with the team, but for now, it may be best to push out the date by a week past July 3rd.  

keeler, what do you think?
Flags: needinfo?(dkeeler)
I think that's probably fine. Note that we can't land this for a while yet anyway because a test depends on the information eventually expiring.
Flags: needinfo?(dkeeler)
After some discussion we set the release date for Firefox 61 to 2018-06-26. When should we land the date change?
Flags: needinfo?(dkeeler)
Looks like in the past we've landed it about 3 weeks before release, so around 2018-02-20, assuming 59 is going to be released on 2018-03-13?
Flags: needinfo?(dkeeler)
I think we're good for landing a patch here now.
Flags: needinfo?(dkeeler)
Assignee: nobody → dkeeler
Flags: needinfo?(dkeeler)
Whiteboard: [psm-assigned]
Comment on attachment 8952575 [details] [diff] [review]

Review of attachment 8952575 [details] [diff] [review]:

Confirmed that's the correct date, the release date of Firefox 61.
Attachment #8952575 - Flags: review?(jjones) → review+
Comment on attachment 8952575 [details] [diff] [review]

Let's get this landed for 59b12. Thanks for the patch!
Attachment #8952575 - Flags: approval-mozilla-beta+
Closed: 2 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla59
You need to log in before you can comment on or make changes to this bug.