Closed
Bug 1925127
Opened 27 days ago
Closed 27 days ago
align built-in certificate transparency expiration time with ecosystem
Categories
(Core :: Security: PSM, defect, P1)
Core
Security: PSM
Tracking
()
RESOLVED
FIXED
133 Branch
Tracking | Status | |
---|---|---|
firefox133 | --- | fixed |
People
(Reporter: keeler, Assigned: keeler)
References
(Blocks 1 open bug)
Details
Attachments
(1 file)
Chrome expires certificate transparency information after 70 days (10 weeks) if it doesn't get an update. This puts a bound on the time the CT ecosystem assumes clients will either be updated or will no longer enforce CT by, so it represents the speed at which changes can take place. Our implementation currently expires after 12 weeks if Firefox isn't updated, which increases the latency by 2 weeks. To avoid compatibility issues and potential errors solely in Firefox, we should expire CT information after 10 weeks with no update as well.
Assignee | ||
Comment 1•27 days ago
|
||
Pushed by dkeeler@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/b8a61a1c09b8
align built-in certificate transparency expiration time with ecosystem r=jschanck
Status: NEW → RESOLVED
Closed: 27 days ago
status-firefox133:
--- → fixed
Resolution: --- → FIXED
Target Milestone: --- → 133 Branch
You need to log in
before you can comment on or make changes to this bug.
Description
•