Confirmed users, Administrators
5,526
edits
Security/Features/SSL Error Reporting: Difference between revisions
Jump to navigation
Jump to search
no edit summary
(Created page with "{{FeatureStatus |Feature name=SSL Error Reporting |Feature stage=Design |Feature status=In progress |Feature health=OK |Feature status note=Certificate pinning will use this....") |
No edit summary |
||
| Line 23: | Line 23: | ||
Enough information needs to be sent to Mozilla for us to be able to reproduce or sufficiently analyze the problem. | Enough information needs to be sent to Mozilla for us to be able to reproduce or sufficiently analyze the problem. | ||
|Feature functional spec=Two phases: | |Feature functional spec=Two phases: | ||
# Add interface to "Untrusted Connection" for user to send error report to Mozilla. | |||
# Cert Pinning to use this ability to send the information back to Mozilla about certificate pinning violations. | |||
|Feature ux design=Update the "Untrusted Connection" error page. | |Feature ux design=Update the "Untrusted Connection" error page. | ||
|Feature implementation plan=Information needed: | |Feature implementation plan=Information needed: | ||
* Entire certificate chain | |||
* Domain of bad connection | |||
* Error Code | |||
* User Agent, IP, Timestamp | |||
|Feature security review=Bug | |Feature security review= {{Bug|846502}} | ||
|Feature privacy review=Bug | |Feature privacy review= {{Bug|846506}} | ||
|Feature implementation notes=Use Bagheera client. There is Bagheera client support for both desktop (as of Fx21) and Android (Fx23/24), so we should be able to generate a JSON payload and submit it for later analysis. | |Feature implementation notes=Use Bagheera client. There is Bagheera client support for both desktop (as of Fx21) and Android (Fx23/24), so we should be able to generate a JSON payload and submit it for later analysis. | ||
}} | }} | ||