SecurityEngineering/Public Key Pinning: Difference between revisions

No edit summary
Line 10: Line 10:
We will:
We will:
# Pin all of the sites that Chrome already does (Google, Twitter) by importing chromium's pinset.
# Pin all of the sites that Chrome already does (Google, Twitter) by importing chromium's pinset.
# Pin our own sites after auditing them and cleaning them up, so that our users know that the updates we serve actually come from us. The list of initial mozilla sites that are pinned is being tracked at: https://mana.mozilla.org/wiki/display/services/Mozilla+sites+SSL+Certificate+Authority+roots+sync+with+Gecko+Built-In+Pins
# Pin our own sites after auditing them and cleaning them up.
# Pin other popular sites like Facebook that are in good shape already (with their cooperation, of course)
# Pin other popular sites like Facebook that are in good shape already (with their cooperation, of course)
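
Review bot: The two sides of item 2 differ by more than the link. The shorter side drops the rationale "so that our users know that the updates we serve actually come from us" along with the pointer to the tracking list of initially pinned Mozilla sites, and the revision carries no edit summary explaining why. The rationale clause is the only place in this list that states what pinning our own sites protects, so it is worth keeping even if the URL has to go. The reason for removing or adding the tracking link should be recorded in the edit summary.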

