SecurityEngineering/Public Key Pinning/SiteOperators: Difference between revisions
Jump to navigation
Jump to search
| Line 7: | Line 7: | ||
== How can you test your pins? == | == How can you test your pins? == | ||
# | # Go to about:config and make sure that security.cert_pinning.enforcement_level = 1 (allow user-specified trust anchors to override pinning checks) or 2 (strict mode) | ||
# Visit https://pinningtest.appspot.com to make sure you see a warning. | # Visit https://pinningtest.appspot.com to make sure you see a warning. | ||
# Visit all your sites! | # Visit all your sites! | ||
Revision as of 22:38, 22 May 2014
Help, I need to change my pinset!
File a bug under the Core::Security:PSM component with changes to your pinset: https://bugzilla.mozilla.org/enter_bug.cgi?product=Core&component=Security%3A%20PSM
How much notice do I need to give for pinset changes?
Firefox is on a 6-week cycle, with 4 different trains: Nightly, Aurora, Beta, Release.
How can you test your pins?
- Go to about:config and make sure that security.cert_pinning.enforcement_level = 1 (allow user-specified trust anchors to override pinning checks) or 2 (strict mode)
- Visit https://pinningtest.appspot.com to make sure you see a warning.
- Visit all your sites!