Confirmed users
69
edits
Platform/2014-02-18: Difference between revisions
→Seceng (mmc)
Nnethercote (talk | contribs) |
Briansmith (talk | contribs) |
||
| Line 155: | Line 155: | ||
===Seceng (mmc)=== | ===Seceng (mmc)=== | ||
<!-- Read only update this week? Uncomment the following line--> | <!-- Read only update this week? Uncomment the following line--> | ||
{{readonly}} | |||
* TLS False Start, a performance optimization for TLS connections, is now enabled in Firefox 28 Beta and later. This optimization is only enabled for sites that use non-RC4 TLS_ECDHE_*/TLS_DHE_* cipher suites and which support the NPN extension. This includes Twitter, Google, and CloudFlare-hosted servers. There is some compatibility risk to this feature, though we believe we have mitigated all of it with the aforementioned restrictions. Please report any compatibility issues in the "Core :: Security: PSM" component ASAP. {{bug|942729}} | |||
* insanity::pkix, the new certificate verification library replacing NSS's certificate verification, landed, pref'd-off (security.use_insanity_verification=false). It is expected to be enabled in a couple of weeks, after OCSP support is added and more testing is done. This was also uplifted to Aurora 29 to make it easier for Certificate Authorities to test it one release before it is enabled. If you don't care about your own HTTPS security and you play with this, please report any issues, particularly compatibility issues, in the "Core :: Security: PSM" component ASAP. {{bug|878932}} | |||
* New certificate verification logic for signed packaged apps, based on insanity::pkix, landed in Nightly 30 and will probably be uplifted to Aurora 29 later this week. This enables (will enable, after some non-cert-related issues are resolved) packaged apps from Mozilla Marketplace to be installed in Desktop Firefox. {{bug|896620}} | |||
* Some cases where we were doing unnecessary OCSP fetching, potentially causing main-thread I/O and other badness, were fixed for Firefox 28 and later. You shouldn't notice anything with these changes, but Firefox is getting faster in this respect. {{bug|950129}}, {{bug|950240}}. | |||
===Shumway (mbx)=== | ===Shumway (mbx)=== | ||