Set security.enterprise_roots.enabled to true by default on ESR
Categories: Firefox :: Security, task, P1
People: Reporter: RT, Assigned: jcristau
User Story
Assuming that our A/B test (https://experimenter.services.mozilla.com/experiments/retentionengagement-impact-of-enabling-the-enterprise-roots-feature-in-the-presence-of-an-av/) does not identify regressions in user retention/engagement, we'd like to set security.enterprise_roots.enabled to true by default on the next ESR. This removes a barrier to enterprise adoption in scenarios where our MitM detection mechanisms fail (many enterprises that are not aware of the enterprise roots feature hit issues with self-signed certificates).
Attachments (1 file)
47 bytes, text/x-phabricator-request | pascalc: approval-mozilla-esr68+
Description
Assuming that our A/B test (https://experimenter.services.mozilla.com/experiments/retentionengagement-impact-of-enabling-the-enterprise-roots-feature-in-the-presence-of-an-av/) does not identify regressions in user retention/engagement, we'd like to set security.certerrors.mitm.auto_enable_enterprise_roots to true by default on the next ESR.
This removes a barrier to enterprise adoption in scenarios where our MitM detection mechanisms fail (many enterprises that are not aware of the enterprise roots feature hit issues with self-signed certificates).
Comment 1 • 6 years ago
Did you mean security.enterprise_roots.enabled? Because security.certerrors.mitm.auto_enable_enterprise_roots depends on the MitM detection mechanism to work.
Also, note that AFAIU neither method can protect against purely self-signed certificates (with no custom root attached).
Comment 2 • 6 years ago (Reporter)
Apologies, you're right here. I've now added a user story field with the updated preference.
Comment 3 • 6 years ago (Reporter)
The results from the study were very positive per https://metrics.mozilla.com/protected/wbeard/exp_av/reports/index.html and we want to move forward with setting security.enterprise_roots.enabled to true by default on ESR.
I'm unsure who typically creates custom changes for ESR. Mike, can you please assign this to the relevant person so it gets done as ESR68 gets built?
Comment 4 • 6 years ago
Julian,
Should we handle this in code, similar to extension signing?
Comment 5 • 5 years ago (Assignee)
We can land a patch to change the default on the esr68 repo after it's created next month, that's probably easiest.
Comment 6 • 5 years ago
[Tracking Requested - why for this release]: Marking so we remember to do this before release.
Comment 8 • 5 years ago
> We can land a patch to change the default on the esr68 repo after it's created next month, that's probably easiest.
Actually reading that comment I'm not sure if I'm the right assignee anymore, I suppose rel-man will take care of this?
Thanks!
Comment 9 • 5 years ago
Per comment #5: Julien, who is the right person to handle this change?
Comment 10 • 5 years ago
Based on the results of the study, I'm confirming that we do want to move forward with shipping in 68 unless there is some risk that I'm not aware of in doing so.
Comment 11 • 5 years ago (Assignee)
I'll take this.
Comment 12 • 5 years ago (Assignee)
We don't want to ship the MitM detection on ESR, so directly import roots from the Windows registry instead.
Comment 13 • 5 years ago (Assignee)
Comment on attachment 9071265 [details]
Bug 1541012 - enable security.enterprise_roots.enabled for ESR68. r?johannh
ESR Uplift Approval Request
- If this is not a sec:{high,crit} bug, please state case for ESR consideration: on release we do mitm detection, on esr we don't want to do that
- User impact if declined: cert errors when using enterprise or AV mitm
- Fix Landed on Version:
- Risk to taking this patch: Low
- Why is the change risky/not risky? (and alternatives if risky):
- String or UUID changes made by this patch: n/a
Comment 14 • 5 years ago (Assignee)
Moving tracking to esr68 now that the flags are available.
Comment 15 • 5 years ago
Comment on attachment 9071265 [details]
Bug 1541012 - enable security.enterprise_roots.enabled for ESR68. r?johannh
Approved for esr68
Comment 16 • 5 years ago (Assignee)
Comment 17 • 5 years ago
Verified - fixed on latest ESR 68.1.0esr (Build ID: 20190826132627) on Windows 10 x64, Mac OS 10.14 and Ubuntu 16.04.
The "security.enterprise_roots.enabled" pref is enabled by default.
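The verification in comment 17 checks the pref default on a clean build; a deployment engineer usually wants the same check against real profiles, where a `user.js`, a leftover `prefs.js` line or an enterprise policy can override the built-in default. The script below is an added example written for this page, not Mozilla code or anything from the bug. It assumes the ESR 68 built-in default of `security.enterprise_roots.enabled = true` (the change this bug landed), the standard `user_pref("name", value);` line format of `prefs.js`/`user.js`, the documented `Certificates.ImportEnterpriseRoots` key of `policies.json`, and a precedence of policy over `user.js` over `prefs.js` over the default; the sample profile fragments are constructed.

```python
"""Audit the effective value of security.enterprise_roots.enabled in a Firefox profile.

Added example, not Mozilla code. Assumptions: ESR 68 default of true (this bug),
user_pref()/pref()/lockPref() line syntax, and the Certificates.ImportEnterpriseRoots
policy key; precedence policy > user.js > prefs.js > built-in default.
"""
import json
import re

PREF = "security.enterprise_roots.enabled"
# Built-in default after this bug landed on ESR 68 (assumed for the example;
# earlier ESR builds shipped with false).
ESR68_DEFAULT = True

# Matches the pref lines Firefox writes and reads:  user_pref("name", value);
# Autoconfig files use pref()/lockPref() with the same shape.
_PREF_LINE = re.compile(
    r'^\s*(user_pref|pref|lockPref)\("([^"]+)",\s*(true|false|-?\d+|"[^"]*")\);'
)


def parse_prefs(text):
    """Return {name: (kind, value)} for each pref line in prefs.js/user.js/autoconfig text."""
    prefs = {}
    for line in text.splitlines():
        m = _PREF_LINE.match(line)
        if not m:
            continue  # comments, blank lines, anything that is not a pref line
        kind, name, raw = m.groups()
        if raw in ("true", "false"):
            value = raw == "true"
        elif raw.startswith('"'):
            value = raw[1:-1]
        else:
            value = int(raw)
        prefs[name] = (kind, value)
    return prefs


def effective_enterprise_roots(prefs_js="", user_js="", policies_json=None):
    """Return (enabled, source) for security.enterprise_roots.enabled.

    Precedence, highest first (assumed): Certificates.ImportEnterpriseRoots in
    policies.json, then user.js, then prefs.js, then the ESR 68 built-in default.
    """
    if policies_json:
        certs = json.loads(policies_json).get("policies", {}).get("Certificates", {})
        if "ImportEnterpriseRoots" in certs:
            return bool(certs["ImportEnterpriseRoots"]), "policies.json"
    for source, text in (("user.js", user_js), ("prefs.js", prefs_js)):
        entry = parse_prefs(text).get(PREF)
        if entry is not None:
            return bool(entry[1]), source
    return ESR68_DEFAULT, "default"


def audit(prefs_js="", user_js="", policies_json=None):
    """One-line finding. A disabled pref brings back the certificate errors
    behind enterprise or AV MitM that this bug set out to remove."""
    enabled, source = effective_enterprise_roots(prefs_js, user_js, policies_json)
    if enabled:
        return f"{PREF} = true (from {source}): OS/enterprise roots are imported"
    return (f"{PREF} = false (from {source}): enterprise/AV MitM roots are NOT trusted; "
            "expect certificate errors behind a TLS-intercepting proxy")


# Constructed sample inputs (not taken from a real profile).
SAMPLE_PREFS_JS_DISABLED = """// Mozilla User Preferences
user_pref("browser.startup.homepage_override.mstone", "68.1.0");
user_pref("security.enterprise_roots.enabled", false);
"""
SAMPLE_POLICY = json.dumps({"policies": {"Certificates": {"ImportEnterpriseRoots": True}}})

if __name__ == "__main__":
    print(audit())                                   # untouched profile: built-in default
    print(audit(prefs_js=SAMPLE_PREFS_JS_DISABLED))  # a user switched it off
    print(audit(prefs_js=SAMPLE_PREFS_JS_DISABLED, policies_json=SAMPLE_POLICY))  # policy wins
```

Keep the caveat from comment 1 in mind when reading the result: importing roots only helps when the intercepting certificate chains to a root that is actually present in the OS store. A purely self-signed server certificate still fails whatever this pref says, so a "true" finding does not by itself explain away every certificate error report.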