1579906 - disable sending new TLS error reports

Status: RESOLVED FIXED

(Core :: Security: PSM, task, P1)

Description

[Dana Keeler (she/her) (use needinfo) [:keeler] (on leave)]

We're re-thinking our TLS error reporting mechanism, and we need to disable sending new reports for now.

Comment 1

[Dana Keeler (she/her) (use needinfo) [:keeler] (on leave)]

Attachment: bug 1579906 - disable sending new TLS error reports while we rethink our approach r?kjacobs

Comment 2

[Pulsebot]

Pushed by dkeeler@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/a80b7ebbd675
disable sending new TLS error reports while we rethink our approach r=kjacobs

Comment 3

[Alexandru Michis [:malexandru]]

https://hg.mozilla.org/mozilla-central/rev/a80b7ebbd675

Comment 4

[Ryan VanderMeulen [:RyanVM]]

Can we uplift this to ESR68 too?

Comment 5

[Dana Keeler (she/her) (use needinfo) [:keeler] (on leave)]

Comment on attachment 9093432 [details]
bug 1579906 - disable sending new TLS error reports while we rethink our approach r?kjacobs

ESR Uplift Approval Request

• If this is not a sec:{high,crit} bug, please state case for ESR consideration: Right now any TLS error reports that get sent are basically dropped by our servers, so this is just extra work clients are doing.
• User impact if declined: Extra unnecessary work.
• Fix Landed on Version: 71
• Risk to taking this patch: Low
• Why is the change risky/not risky? (and alternatives if risky): The patch flips a pref to disable a feature - it should be safe.
• String or UUID changes made by this patch: none

Comment 6

[Ryan VanderMeulen [:RyanVM]]

Comment on attachment 9093432 [details]
bug 1579906 - disable sending new TLS error reports while we rethink our approach r?kjacobs

Disables a feature which isn't doing anything useful. Approved for 68.3esr.

Comment 7

[Ryan VanderMeulen [:RyanVM]]

https://hg.mozilla.org/releases/mozilla-esr68/rev/2cb1d85e2c7d