Masatoshi Kimura
|
b6814beac2
|
Bug 1128227 - Add a static TLS insecure fallback whitelist. r=keeler
|
2015-02-07 13:03:23 +09:00 |
|
Monica Chew
|
926900820d
|
Bug 1101969: Disable pinning on media.mozilla.com (r=keeler)
|
2014-12-12 09:10:57 -08:00 |
|
Monica Chew
|
1c63529d8f
|
Bug 1004781: Enable pinning for facebook in production mode (r=keeler)
|
2014-12-12 09:10:53 -08:00 |
|
David Keeler
|
c637dcccd7
|
bug 1091232 - update PSM data structures that are affected by root CA changes r=mmc
|
2014-11-18 16:41:18 -08:00 |
|
Monica Chew
|
a50d73f349
|
Bug 1092606: Filter out duplicate pinsets as well as domains (r=keeler)
|
2014-11-17 12:54:42 -08:00 |
|
Monica Chew
|
5a029358aa
|
Bug 1098288: Enable pinning on spideroak (r=keeler)
|
2014-11-14 11:17:40 -08:00 |
|
Monica Chew
|
9213772797
|
Bug 1030135: Promote pin for services.mozilla.com to production mode (r=keeler)
|
2014-11-07 12:00:50 -08:00 |
|
Monica Chew
|
162feb18f0
|
Bug 1004781: Remove unnecessary cert for facebook (r=keeler)
|
2014-11-04 10:54:26 -08:00 |
|
Monica Chew
|
d7bbb7d49f
|
Bug 1092606: Don't import Chromium pinsets for domains that are already in our list (r=keeler,jcj)
|
2014-11-04 10:53:52 -08:00 |
|
Monica Chew
|
d3ab192815
|
Bug 1004781: Actually remove the pinset (r=keeler)
|
2014-10-30 16:21:09 -07:00 |
|
Monica Chew
|
a8f153ca18
|
Bug 1004781: Remove our pinset for facebook since it's in chromium now (r=keeler)
|
2014-10-30 16:14:19 -07:00 |
|
David Keeler
|
e7bce8b740
|
bug 1083085 - update where getHSTSPreloadList.js and genHPKPStaticPins.js think Chromium's lists are r=mmc DONTBUILD NPOTB
|
2014-10-21 15:20:02 -07:00 |
|
J.C. Jones
|
550cc2e2c1
|
Bug 1054498 - Report pinning violations by CA r=keeler
|
2014-10-17 10:33:50 -07:00 |
|
David Keeler
|
b1ec84c2a7
|
bug 1077891 - update getHSTSPreloadList.js to reflect changes to nsISiteSecurityService r=mmc DONTBUILD NPOTB
|
2014-10-06 11:28:15 -07:00 |
|
Monica Chew
|
4ec9c87796
|
Bug 1030135: Set is_moz if the pinset name contains mozilla, set bucket id for pinsets containing the string mozilla (r=keeler)
|
2014-10-02 16:45:13 -07:00 |
|
David Keeler
|
e59d626477
|
bug 1004781 - follow-up to add "DigiCert ECC Secure Server CA" to Facebook's pinset r=mmc
|
2014-09-08 09:33:03 -07:00 |
|
Monica Chew
|
c1f1fb37b4
|
Bug 1030135: Enable pinning on services.mozilla.com in test mode (r=keeler)
|
2014-09-05 12:04:26 -07:00 |
|
Monica Chew
|
c8368e00b6
|
Bug 1004781: Enable pinning in test mode for facebook (r=cviecco)
|
2014-08-27 14:18:25 -07:00 |
|
Monica Chew
|
df40d54c7d
|
Bug 1047560: Enable pinning on dropbox (r=keeler)
|
2014-08-01 13:12:38 -07:00 |
|
Camilo Viecco
|
b2e7681ba4
|
Bug 1004353 - Enable pinning for TOR websites. r=mmc
--HG--
extra : rebase_source : d880368dd9eaaafcde353ce187438ae074994bfa
|
2014-07-22 14:28:52 -07:00 |
|
Monica Chew
|
7f1b76324a
|
Bug 1020485: Enable production mode for fxa (r=keeler)
|
2014-07-14 13:06:25 -07:00 |
|
Monica Chew
|
19c176c253
|
Bug 1036142: Don't use kPublicKeyPinningPreloadListLength (r=keeler)
|
2014-07-09 12:58:40 -07:00 |
|
Monica Chew
|
cc5aa7e8c9
|
Bug 1035923: Remove deprecated certs from google_root_pems (r=keeler)
|
2014-07-08 16:01:29 -07:00 |
|
Monica Chew
|
623d51eebd
|
Bug 1027133: Set test_mode=false for *.twitter.com (r=keeler)
|
2014-07-07 08:58:13 -07:00 |
|
Harsh Pathak
|
e99f23fe2a
|
Bug 643041 - Merge nsIX509Cert2 and nsIX509Cert3 into nsIX509Cert, and merge nsIX509CertDB2 into nsIX509CertDB. r=keeler
--HG--
extra : rebase_source : 5283c637e45dbee9f741d56cda54fdef1afce16e
|
2014-07-03 22:09:24 -07:00 |
|
Monica Chew
|
eb4493c61e
|
Bug 1033872: Split off api.accounts.firefox.com into a separate pinset (r=keeler)
|
2014-07-03 16:41:57 -07:00 |
|
Monica Chew
|
2859747c94
|
Bug 1012875: Expire pins in 8 weeks once they reach stable (r=keeler)
|
2014-07-02 11:34:04 -07:00 |
|
Monica Chew
|
955a182d6f
|
Bug 1027133: Enable test mode for *.twitter.com (r=keeler)
|
2014-06-18 16:23:13 -04:00 |
|
Monica Chew
|
68b5959bb3
|
Bug 1004352: Enable pinning for Google in production mode (r=keeler)
|
2014-06-11 15:32:37 -07:00 |
|
Monica Chew
|
2a8bdf8ac7
|
Bug 1020485: Enable pinning in test mode for accounts.firefox.com (r=keeler)
|
2014-06-06 13:44:59 -07:00 |
|
Monica Chew
|
2c499987c0
|
Bug 1019772: Enable production mode on pinning AMO (r=keeler)
|
2014-06-03 11:00:39 -07:00 |
|
Camilo Viecco
|
ebf37d16e3
|
Bug 1016442 - Make mozilla cdn sites production on built-in list. r=mmc
--HG--
extra : rebase_source : 5d937b61ab86c974210dcc83735cd4308bff018e
|
2014-05-27 10:53:40 -07:00 |
|
Monica Chew
|
b7b4c09739
|
Bug 1004351: Enable production mode for twitter pins (r=keeler)
|
2014-05-22 15:11:07 -07:00 |
|
Monica Chew
|
b3defc8b63
|
Bug 1014344: Use Google's root pems in addition to their intermediate certs (r=keeler)
|
2014-05-22 15:09:45 -07:00 |
|
Camilo Viecco
|
53e3758b6c
|
Bug 1009635 - PreloadedHPKP.json should also contain production/exclusion lists. r=keeler
--HG--
extra : rebase_source : 46c13e490358f26b21191d6d783d795897ceea63
|
2014-05-15 08:04:54 -07:00 |
|
Monica Chew
|
7dfd0bdbe7
|
Bug 1007844: Implement per-host telemetry for pin violations for AMO and aus4 (r=keeler)
|
2014-05-15 16:56:51 -07:00 |
|
Monica Chew
|
8428812265
|
Bug 1006594: Implement moz-specific telemetry (r=keeler)
|
2014-05-14 16:36:46 -07:00 |
|
Monica Chew
|
e1cffc99ed
|
Bug 772756: Implement sha1 support, import Chrome's pinsets wholesale, add test mode (r=cviecco,keeler)
|
2014-05-08 17:18:50 -07:00 |
|
Camilo Viecco
|
3e488201d3
|
Bug 1007986 - Remove 1024 bit roots from mozilla pin list. r=mmc
|
2014-05-09 10:58:47 -07:00 |
|
Camilo Viecco
|
7975f9a0c7
|
Bug 1006107 - Disable pining by default, setup pinning for *.addons.mozilla.org. r=dkeeler
--HG--
extra : rebase_source : 93b1dbd5dc31490424060729a3941deffa8ee1d5
|
2014-05-05 13:59:32 -07:00 |
|
Monica Chew
|
f1a0dc002c
|
Bug 1005364: Disable pinning for all mozilla properties (r=keeler)
|
2014-05-04 15:36:38 -07:00 |
|
Monica Chew
|
2b01945b12
|
Bug 1002696 - Minimum set of changes to make genHPKPStaticPins.js productionizable. r=cviecco, dkeeler
--HG--
rename : security/manager/boot/src/PreloadedHPKPins.json => security/manager/tools/PreloadedHPKPins.json
rename : security/manager/boot/src/genHPKPStaticPins.js => security/manager/tools/genHPKPStaticPins.js
|
2014-05-01 14:48:37 -07:00 |
|
David Keeler
|
950e25173a
|
bug 969758 - ignore "snionly" property in Google's HSTS preload list r=cviecco DONTBUILD because NPOTB
|
2014-03-21 14:09:04 -07:00 |
|
David Keeler
|
89f4802006
|
bug 947759 - unconditionally add Google sites to the HSTS preload list r=cviecco DONTBUILD NPOTB
|
2014-01-15 11:22:06 -08:00 |
|
David Keeler
|
33883e0b33
|
bug 959796 - refactor error reporting in getHSTSPreloadList.js r=cviecco DONTBUILD NPOTB
|
2014-01-15 11:20:55 -08:00 |
|
David Keeler
|
d1f818ce71
|
bug 950253 - fix typo in getHSTSPreloadList.js r=briansmith DONTBUILD because NPOTB
|
2013-12-13 16:06:54 -08:00 |
|
David Keeler
|
e10f525bd1
|
bug 903762 - be more strict about removing HSTS preload list entries r=cviecco
|
2013-08-15 15:48:39 -07:00 |
|
David Keeler
|
e02475356e
|
bug 887052 - rename nsIStrictTransportSecurityService to nsISiteSecurityService for refactoring r=cviecco r=mcmanus r=jst sr=jst
--HG--
rename : netwerk/base/public/nsIStrictTransportSecurityService.idl => netwerk/base/public/nsISiteSecurityService.idl
rename : security/manager/boot/src/nsStrictTransportSecurityService.cpp => security/manager/boot/src/nsSiteSecurityService.cpp
rename : security/manager/boot/src/nsStrictTransportSecurityService.h => security/manager/boot/src/nsSiteSecurityService.h
|
2013-08-02 15:48:37 -07:00 |
|
Ryan VanderMeulen
|
e91e143e66
|
Backed out changesets 5f8a88c6d0c8 and 97fcb5a154d8 (bug 887052) for OSX mochitest-other orange.
--HG--
rename : netwerk/base/public/nsISiteSecurityService.idl => netwerk/base/public/nsIStrictTransportSecurityService.idl
rename : security/manager/boot/src/nsSiteSecurityService.cpp => security/manager/boot/src/nsStrictTransportSecurityService.cpp
rename : security/manager/boot/src/nsSiteSecurityService.h => security/manager/boot/src/nsStrictTransportSecurityService.h
|
2013-08-05 16:18:06 -04:00 |
|
David Keeler
|
503e645f01
|
bug 887052 - rename nsIStrictTransportSecurityService to nsISiteSecurityService for refactoring r=cviecco r=mcmanus r=jst sr=jst
--HG--
rename : netwerk/base/public/nsIStrictTransportSecurityService.idl => netwerk/base/public/nsISiteSecurityService.idl
rename : security/manager/boot/src/nsStrictTransportSecurityService.cpp => security/manager/boot/src/nsSiteSecurityService.cpp
rename : security/manager/boot/src/nsStrictTransportSecurityService.h => security/manager/boot/src/nsSiteSecurityService.h
|
2013-07-01 09:30:11 -07:00 |
|