Closed
Bug 1828703
Opened 2 years ago
Closed 2 years ago
Remove Dropbox from Firefox static key pins (SPKP)
Categories
(Core :: Security: PSM, task, P1)
Tracking
()
RESOLVED
FIXED
114 Branch
Tracking | Status | |
---|---|---|
firefox114 | --- | fixed |
People
(Reporter: April, Assigned: keeler)
Details
(Whiteboard: [psm-assigned])
Attachments
(1 file)
Hey there, security folks. Long time no see. :)
Dropbox was recently contacted by the Chromium Security team, asking if we still wanted to be included in the Chromium static key pins. We have declined to remain included, and would like to have our pins removed from Firefox as we now believe that CAA and certificate transparency is sufficient for our needs.
I'll send an email to the pinning@ and security@ email account soon to help confirm, and I've also CC'd Dan Fuhry from Dropbox's Traffic team on this bug.
Thanks!
Assignee | ||
Comment 1•2 years ago
|
||
It seems the pinning@ list isn't working properly, so April reached out to me via Twitter.
Assignee: nobody → dkeeler
Severity: -- → N/A
Priority: -- → P1
Whiteboard: [psm-assigned]
Assignee | ||
Comment 2•2 years ago
|
||
Pushed by dkeeler@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/be2884fe0d69
remove dropbox from preloaded pins r=jschanck
Comment 4•2 years ago
|
||
bugherder |
Status: NEW → RESOLVED
Closed: 2 years ago
status-firefox114:
--- → fixed
Resolution: --- → FIXED
Target Milestone: --- → 114 Branch
You need to log in
before you can comment on or make changes to this bug.
Description
•