Closed
Bug 1674111
Opened 4 years ago
Closed 4 years ago
Do not use HTTP3 for OCSP request
Categories
(Core :: Security: PSM, task, P2)
Core
Security: PSM
Tracking
()
RESOLVED
FIXED
84 Branch
| Tracking | Status | |
|---|---|---|
| firefox84 | --- | fixed |
People
(Reporter: dragana, Assigned: dragana)
References
Details
(Whiteboard: [necko-triaged])
Attachments
(1 file)
Looking at this comment we may want to disable HTTP3 as well.
|
Assignee | |
Updated•4 years ago
|
Component: Networking: HTTP → Security: PSM
Summary: Do nott use HTTP3 for OCSP request → Do not use HTTP3 for OCSP request
|
|
Assignee | |
Comment 1•4 years ago
|
||
Do not use SPDY or HTTP3 for internal security operations. It could result
in the silent upgrade to ssl, which in turn could require an SSL
operation to fulfill something like an OCSP fetch, which is an
endless loop.
|
|
Assignee | |
Updated•4 years ago
|
Pushed by ddamjanovic@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/c8c8237f591e Do not use HTTP3 for OCSP request. r=keeler
|
||
Comment 3•4 years ago
|
||
| bugherder | ||
Status: ASSIGNED → RESOLVED
Closed: 4 years ago
status-firefox84:
--- → fixed
Resolution: --- → FIXED
Target Milestone: --- → 84 Branch
You need to log in
before you can comment on or make changes to this bug.
Description
•