Open Bug 2006660 Opened 3 months ago Updated 3 months ago

Make network.http.http3.disable_when_third_party_roots_found configurable via enterprise policy

Categories

(Core :: Networking: HTTP, task, P5)

Product:
Core
Component:
Networking: HTTP
Type:
task

Tracking

()

People

(Reporter: mail, Unassigned)

References

Details

(Whiteboard: [necko-triaged])

Bug 1925014 introduced the network.http.http3.disable_when_third_party_roots_found pref, terminating an HTTP/3 connection attempt, when a third party roots TLS certificate is presented. See this comment for detailed reasoning.

Enterprises capable of running a functioning HTTP/3 proxy and/or server should be able to disable the pref, i.e. allow HTTP/3 on connections using a third party root TLS certificate. For that purpose we should add an enterprise policy for it.

Very low priority. Contributions welcome.

No longer depends on: 1925014
See Also: → 1925014, 1985341
You need to log in before you can comment on or make changes to this bug.