Confirmed users
238
edits
SecurityEngineering/Public Key Pinning/Implementation Details: Difference between revisions
Jump to navigation
Jump to search
SecurityEngineering/Public Key Pinning/Implementation Details (view source)
Revision as of 18:14, 28 August 2014
, 28 August 2014→What to do when Firefox's root certs change
No edit summary |
|||
| Line 28: | Line 28: | ||
=== What to do when Firefox's root certs change === | === What to do when Firefox's root certs change === | ||
* Look at http://mxr.mozilla.org/mozilla-central/source/security/manager/tools/PreloadedHPKPins.json | * Look at http://mxr.mozilla.org/mozilla-central/source/security/manager/tools/PreloadedHPKPins.json to see if the root is pinned by anyone. | ||
to see if the root is pinned by anyone. | * If the root is in use, file a Bugzilla bug (Product Core, Component Security:PSM) to request that the pinning list be regenerated and that the corresponding site operators be notified when the root change is checked in (linking back to my root change request bug). | ||
* If the root is in use, file a Bugzilla bug (Product Core, Component Security:PSM) to request that the pinning list | |||
be regenerated and that the corresponding site operators be notified when the root change is checked in (linking back to my root change | |||
request bug). | |||
=== Something is Broken, and we Think it's Pinning === | === Something is Broken, and we Think it's Pinning === | ||
TODO | TODO | ||