Closed Bug 1460670 Opened 6 years ago Closed 6 years ago

Remove old *.db.fips databases from profiles

Categories

(Core :: Security: PSM, enhancement, P3)

Product:
Core
Component:
Security: PSM
Type:
enhancement

Tracking

()

Status:
RESOLVED INVALID
Milestone:
Future

People

(Reporter: jcj, Unassigned)

References

Details

(Whiteboard: [psm-backlog] [psm-wouldtake]) 

Since the old FIPS-flagged forms of the NSS databases are even still in DBM format, and using weaker crypto than current databases, we should plan to clear them automatically to protect our users.

It seems like we should be able to do that anytime now that ESR 60 is released, but perhaps we should aim for more 63/64 timeframe?
We only ever created *.fips files from the PKCS#11 module databases, which shouldn't have any encrypted user information, right?
Oh, cool. No user data = no problem. Invalid! Thanks.
Status: NEW → RESOLVED
Closed: 6 years ago
Resolution: --- → INVALID
You need to log in before you can comment on or make changes to this bug.