Security/Features/SSL Error Reporting: Difference between revisions

no edit summary
Line 15: Line 15:
|Feature users and use cases=A user browses to a secure website, but gets the warning: "This Connection is Untrusted". The user views the technical details and sees that the error is due to an invalid security certificate, so they click on the option to send the error information to Mozilla for analysis.
|Feature users and use cases=A user browses to a secure website, but gets the warning: "This Connection is Untrusted". The user views the technical details and sees that the error is due to an invalid security certificate, so they click on the option to send the error information to Mozilla for analysis.


Another use case will be when [[CA_pinning_functionality | Certificate Pinning]] is available. When the set of keys in the certificate chain do not intersect with the set of keys 'pinned' in the browser, then an alert will be generated and sent to Mozilla to be stored and analyzed. There may be some false alarms, but if a real issue (such as MITM) is identified, the security-group should be alerted for further action.
Another use case will be when [https://wiki.mozilla.org/Security/Features/CA_pinning_functionality Certificate Pinning] is available. When the set of keys in the certificate chain do not intersect with the set of keys 'pinned' in the browser, then an alert will be generated and sent to Mozilla to be stored and analyzed. There may be some false alarms, but if a real issue (such as MITM) is identified, the security-group should be alerted for further action.
|Feature dependencies=This feature is not dependent on anything else, but Cert Pinning will need this capability.
|Feature dependencies=This feature is not dependent on anything else, but Cert Pinning will need this capability.
|Feature requirements=The user should opt-in to send the information to Mozilla.
|Feature requirements=The user should opt-in to send the information to Mozilla.
Enough information needs to be sent to Mozilla for us to be able to reproduce or sufficiently analyze the problem.
Enough information needs to be sent to Mozilla for us to be able to reproduce or sufficiently analyze the problem.
|Feature functional spec=Two phases:
|Feature functional spec=Two phases:
# Add interface to "Untrusted Connection" for user to send error report to Mozilla.
# Add interface to "Untrusted Connection" for user to send error report to Mozilla.
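Review bot: The new Certificate Pinning link in the "Another use case" paragraph hard-codes the wiki's own scheme and host as an external link, where an internal link with the full page title would point at the same page. Consider [[Security/Features/CA_pinning_functionality|Certificate Pinning]] instead of [https://wiki.mozilla.org/Security/Features/CA_pinning_functionality Certificate Pinning], so the reference stays a tracked wiki link and survives a host or scheme change. The rest of the paragraph is unchanged, and neither revision carries an edit summary; a one-line summary such as "fix Certificate Pinning link target" would tell later readers why the link syntax changed.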