122
edits
Security/CryptoEngineering/SHA-1: Difference between revisions
Security/CryptoEngineering/SHA-1 (view source)
Revision as of 15:56, 4 January 2017
, 4 January 2017update rollout schedule
(→After The Experiment: Adjust roll-out schedule) |
(update rollout schedule) |
||
| Line 21: | Line 21: | ||
We've announced in our blog post that we'll be disabling SHA-1 for built-in roots over a period of time, starting in Q4 2016 with Beta users, and finishing up sometime in 2017 with Release users. | We've announced in our blog post that we'll be disabling SHA-1 for built-in roots over a period of time, starting in Q4 2016 with Beta users, and finishing up sometime in 2017 with Release users. | ||
The Telemetry Experiment will be a restartless addon; that is also how Hotfixes work. We'll plan to update and resubmit that experiment addon several times, targeting a growing percentage of Beta and then Release users to evaluate SHA-1 breakage. | The Telemetry Experiment will be a restartless addon; that is also how Hotfixes work. We'll plan to update and resubmit that experiment addon several times, targeting a growing percentage of Beta and then Release users to evaluate SHA-1 breakage. This work is being done in [https://bugzilla.mozilla.org/show_bug.cgi?id=1321114 Bug 1321114]. | ||
We can see how often breakage occurs from TLS Error Reporting figures. | We can see how often breakage occurs from TLS Error Reporting figures. | ||
A tentative schedule for roll-out would be: | A tentative schedule for roll-out would be: | ||
==== 2017 ==== | ==== 2017 ==== | ||
* Week 4: | * Week 4: 10% of Beta users | ||
* Week 5: 50% of Beta users | * Week 5: 50% of Beta users | ||
* Week 6: 100% of Beta users + 1% of Release users | * Week 6: 100% of Beta users + 1% of Release users | ||
* Week 7: 5% of Release users | * Week 7: 5% of Release users | ||