Closed
Bug 1449057
Opened 7 years ago
Closed 7 years ago
TLS Canary run - test effects of root removal
Categories
(NSS :: CA Certificates Code, task)
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: wthayer, Unassigned)
Details
Please run TLS Canary on a build that has the Consorci "EC-ACC" root untrusted.
Fingerprint: 88:49:7F:01:60:2F:31:54:24:6A:E2:8C:4D:5A:EF:10:F1:D8:7E:BB:76:62:6F:4A:E0:B7:F9:5B:A7:96:87:99
Subject: CN=EC-ACC, OU=Serveis Publics de Certificacio, O=Agencia Catalana de Certificacio (NIF Q-0801176-I), C=ES
|
||
Updated•7 years ago
|
Flags: needinfo?(mwobensmith)
|
||
Comment 1•7 years ago
|
||
Has someone on the NSS team already removed this cert? Or are you making a decision pending the outcome of this test, in which case I'll be making the build myself?
Flags: needinfo?(mwobensmith) → needinfo?(wthayer)
|
|
||
Updated•7 years ago
|
Flags: needinfo?(mwobensmith)
|
Reporter | |
Comment 2•7 years ago
|
||
I'm requesting that you make a build that has this certificate removed so that we can understand the impact were this root to be removed. Thanks Matt!
Flags: needinfo?(wthayer)
|
|
||
Comment 3•7 years ago
|
||
Will do. It may take me up to a week. Hope this is OK.
|
|
Reporter | |
Comment 4•7 years ago
|
||
A week from now is good.
|
|
||
Comment 6•7 years ago
|
||
Hi Wayne, I apologize for the delay. I have been trying to build Firefox locally with the change, but have been unsuccessful on all platforms I've tried. It appears that several things have changed w/r/t the build process and I'm currently blocked.
One option is to do a try build, which I haven't done before. Another is to get someone else to do one for me, with this change.
I'm about to travel this week, will be working in Europe for the next two weeks. I can try again next week. Will this time frame work, or is this going to be more urgent?
Flags: needinfo?(wthayer)
|
|
Reporter | |
Comment 7•7 years ago
|
||
Hi Matt,
This will soon become a blocker, but next week would be fine. Thank you!
Flags: needinfo?(wthayer)
|
|
||
Comment 8•7 years ago
|
||
The following four sites would be affected, out of the top one million site list.
rank, host
448702, www.diba.cat
508777, www20.gencat.cat
714258, clic.xtec.cat
782007, contractaciopublica.gencat.cat
|
|
Reporter | |
Comment 9•7 years ago
|
||
Perfect, thanks Matt!
Status: NEW → RESOLVED
Closed: 7 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•