Consider using a separate domain for MitM priming
Categories
(Firefox :: Security, enhancement, P3)
Tracking
()
People
(Reporter: johannh, Unassigned)
References
(Blocks 2 open bugs)
Details
In bug 1529643 we enabled automatically detecting man in the middle software using a priming network request to https://mitmdetection.services.mozilla.com/. According to reports from Philipp (SUMO), some AV vendors actually exempt Mozilla domains from their interception to allow for updates etc.
We should figure out if this is really an issue and if so, we should consider adding a new domain specifically for MitM detection.
Reporter | ||
Comment 1•4 years ago
|
||
Hey :wezhou, as mentioned via email we'd need support from Ops here, and you mentioned that you could handle prioritization. Is there anything else you need?
Thanks!
Is there any data to show how many users are having issues with https://mitmdetection.services.mozilla.com/ being the endpoint?
Reporter | ||
Comment 3•4 years ago
|
||
Not really and it's hard to measure, since that URL is what's used to find issues in the first place :)
This is mostly based on our subjective feeling based on SUMO reports.
Description
•