Closed
Bug 1797566
Opened 2 years ago
Closed 2 years ago
CCADB entries generated 2022-10-26T17:01:00Z
Categories
(Core :: Security Block-lists, Allow-lists, and other State, enhancement)
Core
Security Block-lists, Allow-lists, and other State
Tracking
()
RESOLVED
FIXED
People
(Reporter: ccadb2onercl, Unassigned)
Details
Attachments
(3 files)
Adding entries to OneCRL based on revoked intermediate certificates reported in the CCADB.
Reporter | ||
Comment 1•2 years ago
|
||
Reporter | ||
Comment 2•2 years ago
|
||
Reporter | ||
Comment 3•2 years ago
|
||
Comment 4•2 years ago
|
||
These are the correct entries to add to OneCRL.
We do not need to run TLS Canary on this batch of changes.
Ready for review/approval at Kinto Staging.
Flags: needinfo?(dkeeler)
Approved at staging. onecrl-entry-checker
output:
[15:24:51] Stage-Stage: 1490 Stage-Preview: 1490 Stage-Published: 1490 compare.py:67
Prod-Stage: 1490 Prod-Preview: 1490 Prod-Published: 1479 compare.py:75
Verifying stage against preview compare.py:82
stage/security-state-staging (1490) and stage/security-state-preview (1490) are equivalent compare.py:87
stage/security-state-staging (1490) and prod/security-state-staging (1490) are equivalent compare.py:87
[15:24:52] stage/security-state-staging (1490) and prod/security-state-preview (1490) are equivalent compare.py:87
stage/security-state-preview (1490) and prod/security-state-staging (1490) are equivalent compare.py:87
stage/security-state-preview (1490) and prod/security-state-preview (1490) are equivalent compare.py:87
prod/security-state-staging (1490) and prod/security-state-preview (1490) are equivalent compare.py:87
No changes are waiting in staging compare.py:90
There are 11 changes waiting in production. Adding: compare.py:99
{
'details': {'bug': 'https://bugzilla.mozilla.org/show_bug.cgi?id=1797566', 'who': '', 'why': '', 'name': '', 'created': ''},
'enabled': False,
'issuerName': 'MGwxCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5jb20xKzApBgNVBAMTIkRpZ2lDZXJ0IEhpZ2ggQXNzdXJhbmNlIEVWIFJvb3QgQ0E=',
'serialNumber': 'BDg2SqweGZEe3TK+yl8pgw=='
}
{
'details': {'bug': 'https://bugzilla.mozilla.org/show_bug.cgi?id=1797566', 'who': '', 'why': '', 'name': '', 'created': ''},
'enabled': False,
'issuerName': 'MGExCzAJBgNVBAYTAkpQMSUwIwYDVQQKExxTRUNPTSBUcnVzdCBTeXN0ZW1zIENPLixMVEQuMSswKQYDVQQDEyJTZWN1cml0eSBDb21tdW5pY2F0aW9uIEVDQyBSb290Q0Ex',
'serialNumber': 'AQAAPggPTZo3'
}
{
'details': {'bug': 'https://bugzilla.mozilla.org/show_bug.cgi?id=1797566', 'who': '', 'why': '', 'name': '', 'created': ''},
'enabled': False,
'issuerName': 'MGExCzAJBgNVBAYTAkpQMSUwIwYDVQQKExxTRUNPTSBUcnVzdCBTeXN0ZW1zIENPLixMVEQuMSswKQYDVQQDEyJTZWN1cml0eSBDb21tdW5pY2F0aW9uIEVDQyBSb290Q0Ex',
'serialNumber': 'AQAART30i+dG'
}
{
'details': {'bug': 'https://bugzilla.mozilla.org/show_bug.cgi?id=1797566', 'who': '', 'why': '', 'name': '', 'created': ''},
'enabled': False,
'issuerName': 'MGExCzAJBgNVBAYTAkpQMSUwIwYDVQQKExxTRUNPTSBUcnVzdCBTeXN0ZW1zIENPLixMVEQuMSswKQYDVQQDEyJTZWN1cml0eSBDb21tdW5pY2F0aW9uIEVDQyBSb290Q0Ex',
'serialNumber': 'AQAARzAgXda7'
}
{
'details': {'bug': 'https://bugzilla.mozilla.org/show_bug.cgi?id=1797566', 'who': '', 'why': '', 'name': '', 'created': ''},
'enabled': False,
'issuerName': 'MGwxCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5jb20xKzApBgNVBAMTIkRpZ2lDZXJ0IEhpZ2ggQXNzdXJhbmNlIEVWIFJvb3QgQ0E=',
'serialNumber': 'BJs5bzwFPCdTNiFgnspdPw=='
}
{
'details': {'bug': 'https://bugzilla.mozilla.org/show_bug.cgi?id=1797566', 'who': '', 'why': '', 'name': '', 'created': ''},
'enabled': False,
'issuerName': 'MGExCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5jb20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IENB',
'serialNumber': 'Bg1bPA4gYzI0+zXlAjzBaA=='
}
{
'details': {'bug': 'https://bugzilla.mozilla.org/show_bug.cgi?id=1797566', 'who': '', 'why': '', 'name': '', 'created': ''},
'enabled': False,
'issuerName': 'MGUxCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5jb20xJDAiBgNVBAMTG0RpZ2lDZXJ0IEFzc3VyZWQgSUQgUm9vdCBDQQ==',
'serialNumber': 'DFWl6NPPT7NZ8Asrci/u+Q=='
}
{
'details': {'bug': 'https://bugzilla.mozilla.org/show_bug.cgi?id=1797566', 'who': '', 'why': '', 'name': '', 'created': ''},
'enabled': False,
'issuerName': 'MGExCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5jb20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IENB',
'serialNumber': 'A88eZXjGXrL3zaF3t/3DZQ=='
}
{
'details': {'bug': 'https://bugzilla.mozilla.org/show_bug.cgi?id=1797566', 'who': '', 'why': '', 'name': '', 'created': ''},
'enabled': False,
'issuerName': 'MEcxCzAJBgNVBAYTAkhLMRYwFAYDVQQKEw1Ib25na29uZyBQb3N0MSAwHgYDVQQDExdIb25na29uZyBQb3N0IFJvb3QgQ0EgMQ==',
'serialNumber': 'Wjs+TxAJkGNaRsp4NJA1o5GwjfI='
}
{
'details': {'bug': 'https://bugzilla.mozilla.org/show_bug.cgi?id=1797566', 'who': '', 'why': '', 'name': '', 'created': ''},
'enabled': False,
'issuerName': 'MGExCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5jb20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IENB',
'serialNumber': 'DaLXyI4fEuNfySxqGup6Yg=='
}
{
'details': {'bug': 'https://bugzilla.mozilla.org/show_bug.cgi?id=1797566', 'who': '', 'why': '', 'name': '', 'created': ''},
'enabled': False,
'issuerName': 'ME0xCzAJBgNVBAYTAlVTMRcwFQYDVQQKEw5EaWdpQ2VydCwgSW5jLjElMCMGA1UEAxMcRGlnaUNlcnQgVExTIFJTQTQwOTYgUm9vdCBHNQ==',
'serialNumber': 'AtNop7tpO9uOIlnnWF07FQ=='
}
Staging is updated, and production changes are waiting, so Firefox can use compare.py:110
Remote Settings DevTools (https://github.com/mozilla-extensions/remote-settings-devtools)
and cert-storage-inspector (https://github.com/mozkeeler/cert-storage-inspector) to test
OneCRL.
Flags: needinfo?(dkeeler)
Comment 6•2 years ago
|
||
Looks correct. Please proceed with approving the changes at Kinto Production. Thanks!
Flags: needinfo?(dkeeler)
Reporter | ||
Comment 7•2 years ago
|
||
Changes are still in review. The following bugs appear to require resolution.
https://bugzilla.mozilla.org/show_bug.cgi?id=1797566
Approved in production.
Flags: needinfo?(dkeeler)
Comment 9•2 years ago
|
||
Verified these changes in my Firefox Release profile.
Thanks!
Status: UNCONFIRMED → RESOLVED
Closed: 2 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•