Closed Bug 1644528 Opened 5 years ago Closed 5 years ago

Allow cipher policy to enable ciphers

Categories

(Firefox :: Enterprise Policies, enhancement, P3)

Product:
Firefox
Component:
Enterprise Policies
Type:
enhancement

Tracking

()

Status:
RESOLVED FIXED
Milestone:
Firefox 79
Tracking Flags:
Tracking Status
firefox-esr68 79+ fixed
firefox-esr78 78+ fixed
firefox77 --- wontfix
firefox78 --- fixed
firefox79 --- fixed

People

(Reporter: mkaply, Assigned: mkaply)

References

Details

Attachments

(2 files, 2 obsolete files)

Bug 1644528 - Allow DisabledCiphers policy to enable ciphers. r?keeler
47 bytes, text/x-phabricator-request
jcristau
: approval-mozilla-beta+
Details | Review
Patch for ESR 68
5.99 KB, patch
RyanVM
: approval-mozilla-esr68+
Details | Diff | Splinter Review

When I originally envisioned the cipher policy, it was only to allow folks to turn them off

There might be cases where we turned things off an enterprise needs something on for some reason.

So we should allow for this.

Attachment #9156435 - Attachment is obsolete: true
Attachment #9156439 - Attachment is obsolete: true

Seems like this would be useful in ESR 78. It's getting late, but could still make b9 if it were requested immediately

See Also: → 1496639
Pushed by mozilla@kaply.com: https://hg.mozilla.org/integration/autoland/rev/96cb8930adee Allow DisabledCiphers policy to enable ciphers. r=keeler

Comment on attachment 9155413 [details]
Bug 1644528 - Allow DisabledCiphers policy to enable ciphers. r?keeler

Beta/Release Uplift Approval Request

  • User impact if declined: Enterprises unable to reenable ciphers that we disable.
  • Is this code covered by automated tests?: Yes
  • Has the fix been verified in Nightly?: No
  • Needs manual test from QE?: No
  • If yes, steps to reproduce:
  • List of other uplifts needed: None
  • Risk to taking this patch: Low
  • Why is the change risky/not risky? (and alternatives if risky): Policy only.
  • String changes made/needed:
Attachment #9155413 - Flags: approval-mozilla-beta?

https://hg.mozilla.org/mozilla-central/rev/96cb8930adee

Status: ASSIGNED → RESOLVED
Closed: 5 years ago
status-firefox79: --- → fixed
Resolution: --- → FIXED
Target Milestone: --- → Firefox 79

Comment on attachment 9155413 [details]
Bug 1644528 - Allow DisabledCiphers policy to enable ciphers. r?keeler

approved for 78.0b9

Attachment #9155413 - Flags: approval-mozilla-beta? → approval-mozilla-beta+
Attached patch Patch for ESR 68Splinter Review

[Approval Request Comment]
If this is not a sec:{high,crit} bug, please state case for ESR consideration: Policy only, parity with 78
User impact if declined: Policy for 68 doesn't match 78
Fix Landed on Version: 78
Risk to taking this patch (and alternatives if risky): Low

See https://wiki.mozilla.org/Release_Management/ESR_Landing_Process for more info.

I realize this is late and if it doesn't make it until next ESR, I understand, but this allows for us to have one policy that works for 78 and 68/

Attachment #9158347 - Flags: approval-mozilla-esr68?

This missed the 68.10esr build unfortunately, but we can still uplift it for the 68.11esr build shipping alongside Fx79/78.1esr.

status-firefox77: --- → wontfix
status-firefox-esr68: --- → affected
status-firefox-esr78: --- → fixed
tracking-firefox-esr68: --- → 79+
tracking-firefox-esr78: --- → 78+
Comment on attachment 9158347 [details] [diff] [review] Patch for ESR 68 Approved for 68.11esr.
Attachment #9158347 - Flags: approval-mozilla-esr68? → approval-mozilla-esr68+
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: