Closed Bug 1444990 Opened 6 years ago Closed 6 years ago

Make sure the HPKP/HSTS preload expiration dates are accurate for Firefox 61

Categories

(Core :: Security: PSM, enhancement, P2)

Product:
Core
Component:
Security: PSM
Version:
60 Branch
Type:
enhancement

Tracking

()

Status:
VERIFIED FIXED
Tracking Flags:
Tracking Status
firefox61 blocking verified

People

(Reporter: RyanVM, Assigned: RyanVM)

References

Details

+++ This bug was initially created as a clone of Bug #1436376 +++

Confirm and patch security/manager/ssl/StaticHPKPins.h and security/manager/ssl/nsSTSPreloadList.inc in 61 to have sufficient lifetime on the preloaded HPKP and STS pins.

Going off past precedents, we'll want an expiration date of around 2018-10-16 to coincide with the release of Firefox 63 (though that date should be confirmed closer to the time of landing the patch in case of schedule changes).
Assignee: nobody → ryanvm
Note to self: This can land after 2018-06-12 with an expiration date of 2018-10-23 (to reflect the revised Fx63 ship date).
Priority: P1 → P2
Bug 1466552 has been uplifted to Beta, which should make this bug obsolete. That said, we haven't actually managed to get an automated pinning update to successfully run there yet, so leaving this bug open until then :).
This is now fixed.
https://hg.mozilla.org/releases/mozilla-beta/rev/e5d9bf645ebf1f0501fce6f55ab16575fede5e2c

Current time epoch gives us an expiration date of 2018-10-16, so we should be good to go with one more week's worth of updates.
Status: NEW → RESOLVED
Closed: 6 years ago
status-firefox61: affectedfixed
Resolution: --- → FIXED
Status: RESOLVED → VERIFIED
status-firefox61: fixedverified
You need to log in before you can comment on or make changes to this bug.