Add a user-facing setting to enable enterprise roots import, and enable it by default
Categories
(Core :: Security: PSM, enhancement, P1)
Tracking
()
People
(Reporter: molly, Assigned: molly)
References
(Blocks 1 open bug)
Details
Attachments
(1 file)
Assignee | ||
Comment 1•1 year ago
|
||
Pushed by mhowell@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/f65d71f51234 Add a user-facing setting to enable enterprise roots import, and enable it by default. r=keeler,settings-reviewers,fluent-reviewers,desktop-theme-reviewers,flod,Itiel,Gijs
Comment 3•1 year ago
|
||
Backed out for causing xpcshell assertion failures on nsNSSComponent.cpp.
Pushed by mhowell@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/e2f01ea9db72 Add a user-facing setting to enable enterprise roots import, and enable it by default. r=keeler,settings-reviewers,fluent-reviewers,desktop-theme-reviewers,flod,Itiel,Gijs
Comment 5•1 year ago
•
|
||
Backed out for bc failure on browser_aboutCertError_mitm.js
Backout link: https://hg.mozilla.org/integration/autoland/rev/4163d8d52ecc86c30a3518ca5080fe60265015b2
Log link: https://treeherder.mozilla.org/logviewer?job_id=428884383&repo=autoland&lineNumber=3587
Please also check:
- this failure on browser_privacy_dnsoverhttps.js
- this failure on browser_cleanFlow.js
- this failure on browser_doorhangerUserReject.js
Pushed by mhowell@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/81b65e80ca14 Add a user-facing setting to enable enterprise roots import, and enable it by default. r=keeler,settings-reviewers,fluent-reviewers,desktop-theme-reviewers,flod,Itiel,Gijs,valentin
Comment 7•1 year ago
|
||
bugherder |
Assignee | ||
Updated•1 year ago
|
Assignee | ||
Comment 8•1 year ago
|
||
Release Note Request (optional, but appreciated)
[Why is this notable]: We expect/hope that this will fix a large number of certificate errors for users trying to get to intranet sites on managed networks, or who have security software configured to analyze web traffic.
[Suggested wording]: By default, Firefox will now use TLS trust anchors (e.g., certificates) added to the operating system by the user or an administrator. This works on Windows, macOS, and Android, and it can be turned off in the "Privacy & Security" section of Firefox settings, under "Certificates".
Comment 9•1 year ago
|
||
Added to the 120 nightly release notes https://www.mozilla.org/en-US/firefox/120.0a1/releasenotes/
Description
•