Privacy/Features/HSTS Preload List: Difference between revisions

Jump to navigation Jump to search

Privacy/Features/HSTS Preload List (view source)

Revision as of 22:40, 13 June 2012

99 bytes added ,  13 June 2012
no edit summary
No edit summary
No edit summary
Line 29: Line 29:


Google maintains a list in their chrome source (https://src.chromium.org/viewvc/chrome/trunk/src/net/base/transport_security_state_static.json -- look for mode=force-https).  We can use this list, since Google has invested in maintaining and sharing it.
Google maintains a list in their chrome source (https://src.chromium.org/viewvc/chrome/trunk/src/net/base/transport_security_state_static.json -- look for mode=force-https).  We can use this list, since Google has invested in maintaining and sharing it.
|Feature implementation plan=* Create a mechanism to import a list of sites using HSTS into the strict transport security service
|Feature implementation plan=* Create a mechanism to import a list of sites using HSTS into the permissions manager
** This mechanism must also be able to remove HSTS sites from the permissions manager if necessary (details TBD)
* Create a mechanism to suck down chrome's list and scrub/reformat it
* Create a mechanism to suck down chrome's list and scrub/reformat it
** Initially this will be done by manually running a script and obtaining a file that we will check in to mozilla-central along with the above import mechanism code
** Initially this will be done by manually running a script and obtaining a file that we will check in to mozilla-central along with the above import mechanism code
Dkeeler
Confirmed users
299

edits

Retrieved from "https://wiki.allizom.org/Special:MobileDiff/441133"

Navigation menu