Add Let's Encrypt's CT logs to certviewer
Categories
(Firefox :: Security, enhancement, P2)
Tracking
()
Tracking | Status | |
---|---|---|
firefox76 | --- | fixed |
People
(Reporter: jcj, Assigned: luma, Mentored)
References
(Blocks 1 open bug)
Details
Attachments
(2 files)
https://searchfox.org/mozilla-central/source/toolkit/components/certviewer/content/ctlognames.js contains human-readable names for the certviewer. It does not contain Let's Encrypt's CT logs, instead showing a name of Unknown.
The Let's Encrypt Oak logs have keys listed here: https://letsencrypt.org/docs/ct-logs/
Example Let's Encrypt sites show one such log ID as E7:12:F2:B0:37:7E:1A:62:FB:8E:C9:0C:61:84:F1:EA:7B:37:CB:56:1D:11:26:5B:F3:E0:F3:4B:F2:41:54:6E
.
Comment 1•4 years ago
|
||
Thanks JC!
Updated•4 years ago
|
Comment 2•4 years ago
|
||
You can find an example certificate here if you scroll all the way to the bottom (it's the certificate for letsencrypt.org).
The task is simply to copy over names and log ids from https://letsencrypt.org/docs/ct-logs/ into https://searchfox.org/mozilla-central/source/toolkit/components/certviewer/content/ctlognames.js, you'll have to replace the ::
in the log ids and make them lowercase to match.
Comment 3•4 years ago
|
||
Hi! May i work on this?
(In reply to Jayati Shrivastava from comment #3)
Hi! May i work on this?
Hi Jayati, Johannh assigned me this bug in Matrix, now I ask her to sign this here too
Updated•4 years ago
|
Comment 6•4 years ago
|
||
Yeah sorry I asked if Marinella wants to take this. I think you already have some things to work on Jayati, otherwise please let me know.
(In reply to Johann Hofmann [:johannh] from comment #2)
You can find an example certificate here if you scroll all the way to the bottom (it's the certificate for letsencrypt.org).
The task is simply to copy over names and log ids from https://letsencrypt.org/docs/ct-logs/ into https://searchfox.org/mozilla-central/source/toolkit/components/certviewer/content/ctlognames.js, you'll have to replace the
::
in the log ids and make them lowercase to match.
Hi Johannh, I cannot open the link of the example certificate. Could you replace this? Thank you
Should I insert also the Testflume names from Testing section, or only the Oak ones?
Comment 10•4 years ago
|
||
I guess it doesn't hurt to include the test ones? :)
Comment 11•4 years ago
|
||
(In reply to Johann Hofmann [:johannh] from comment #6)
Yeah sorry I asked if Marinella wants to take this. I think you already have some things to work on Jayati, otherwise please let me know.
Marinella can work on this. I'll poke some other bugs meanwhile :)
Assignee | ||
Comment 12•4 years ago
|
||
(In reply to Johann Hofmann [:johannh] from comment #10)
I guess it doesn't hurt to include the test ones? :)
Perfect it is that I want to know! :)
Assignee | ||
Comment 13•4 years ago
|
||
Depends on D66417
Assignee | ||
Comment 14•4 years ago
|
||
Comment 15•4 years ago
|
||
Pushed by jhofmann@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/62ab2cd02833 Add Let's Encrypt's CT logs to certviewer. r=johannh
Comment 16•4 years ago
|
||
bugherder |
Description
•