SecurityEngineering/Public Key Pinning/SiteOperators

From MozillaWiki
Jump to navigation Jump to search

Help, I need to change my pinset!

File a bug under the Core::Security:PSM component with changes to your pinset: https://bugzilla.mozilla.org/enter_bug.cgi?product=Core&component=Security%3A%20PSM

How much notice do I need to give for pinset changes?

Firefox is on a 6-week cycle, with 4 different trains: Nightly, Aurora, Beta, Release.

How can you test your pins?

  1. Go to about:config and make sure that security.cert_pinning.enforcement_level = 1 (allow user-specified trust anchors to override pinning checks) or 2 (strict mode)
  2. Visit https://pinningtest.appspot.com to make sure you see a warning.
  3. Visit all your sites!
Retrieved from "https://wiki.allizom.org/index.php?title=SecurityEngineering/Public_Key_Pinning/SiteOperators&oldid=981844"