Commit Graph

47 Commits

Author SHA1 Message Date
David Keeler
b6b5289217 bug 1083085 - update where getHSTSPreloadList.js and genHPKPStaticPins.js think Chromium's lists are r=mmc DONTBUILD NPOTB 2014-10-21 15:20:02 -07:00
J.C. Jones
41b59a8438 Bug 1054498 - Report pinning violations by CA r=keeler 2014-10-17 10:33:50 -07:00
David Keeler
68456b113e bug 1077891 - update getHSTSPreloadList.js to reflect changes to nsISiteSecurityService r=mmc DONTBUILD NPOTB 2014-10-06 11:28:15 -07:00
Monica Chew
a012c4b3eb Bug 1030135: Set is_moz if the pinset name contains mozilla, set bucket id for pinsets containing the string mozilla (r=keeler) 2014-10-02 16:45:13 -07:00
David Keeler
e4c17d867b bug 1004781 - follow-up to add "DigiCert ECC Secure Server CA" to Facebook's pinset r=mmc 2014-09-08 09:33:03 -07:00
Monica Chew
6dc1c59d66 Bug 1030135: Enable pinning on services.mozilla.com in test mode (r=keeler) 2014-09-05 12:04:26 -07:00
Monica Chew
cbe70c240d Bug 1004781: Enable pinning in test mode for facebook (r=cviecco) 2014-08-27 14:18:25 -07:00
Monica Chew
99125bd7ad Bug 1047560: Enable pinning on dropbox (r=keeler) 2014-08-01 13:12:38 -07:00
Camilo Viecco
1cf5856cb9 Bug 1004353 - Enable pinning for TOR websites. r=mmc
--HG--
extra : rebase_source : d880368dd9eaaafcde353ce187438ae074994bfa
2014-07-22 14:28:52 -07:00
Monica Chew
c611beb0e3 Bug 1020485: Enable production mode for fxa (r=keeler) 2014-07-14 13:06:25 -07:00
Monica Chew
7e4c6f1d21 Bug 1036142: Don't use kPublicKeyPinningPreloadListLength (r=keeler) 2014-07-09 12:58:40 -07:00
Monica Chew
085607a75a Bug 1035923: Remove deprecated certs from google_root_pems (r=keeler) 2014-07-08 16:01:29 -07:00
Monica Chew
9e4228ecad Bug 1027133: Set test_mode=false for *.twitter.com (r=keeler) 2014-07-07 08:58:13 -07:00
Harsh Pathak
fffec87019 Bug 643041 - Merge nsIX509Cert2 and nsIX509Cert3 into nsIX509Cert, and merge nsIX509CertDB2 into nsIX509CertDB. r=keeler
--HG--
extra : rebase_source : 5283c637e45dbee9f741d56cda54fdef1afce16e
2014-07-03 22:09:24 -07:00
Monica Chew
92f36e6b6f Bug 1033872: Split off api.accounts.firefox.com into a separate pinset (r=keeler) 2014-07-03 16:41:57 -07:00
Monica Chew
9afcf9b174 Bug 1012875: Expire pins in 8 weeks once they reach stable (r=keeler) 2014-07-02 11:34:04 -07:00
Monica Chew
2c60d2032e Bug 1027133: Enable test mode for *.twitter.com (r=keeler) 2014-06-18 16:23:13 -04:00
Monica Chew
fe6ce09033 Bug 1004352: Enable pinning for Google in production mode (r=keeler) 2014-06-11 15:32:37 -07:00
Monica Chew
291d694626 Bug 1020485: Enable pinning in test mode for accounts.firefox.com (r=keeler) 2014-06-06 13:44:59 -07:00
Monica Chew
d5ba5c9bc8 Bug 1019772: Enable production mode on pinning AMO (r=keeler) 2014-06-03 11:00:39 -07:00
Camilo Viecco
2883e1d4ea Bug 1016442 - Make mozilla cdn sites production on built-in list. r=mmc
--HG--
extra : rebase_source : 5d937b61ab86c974210dcc83735cd4308bff018e
2014-05-27 10:53:40 -07:00
Monica Chew
c21cc7a85f Bug 1004351: Enable production mode for twitter pins (r=keeler) 2014-05-22 15:11:07 -07:00
Monica Chew
f87b89298d Bug 1014344: Use Google's root pems in addition to their intermediate certs (r=keeler) 2014-05-22 15:09:45 -07:00
Camilo Viecco
4eff7cf088 Bug 1009635 - PreloadedHPKP.json should also contain production/exclusion lists. r=keeler
--HG--
extra : rebase_source : 46c13e490358f26b21191d6d783d795897ceea63
2014-05-15 08:04:54 -07:00
Monica Chew
a1ab4d859d Bug 1007844: Implement per-host telemetry for pin violations for AMO and aus4 (r=keeler) 2014-05-15 16:56:51 -07:00
Monica Chew
f023ce771c Bug 1006594: Implement moz-specific telemetry (r=keeler) 2014-05-14 16:36:46 -07:00
Monica Chew
d1eb9b420d Bug 772756: Implement sha1 support, import Chrome's pinsets wholesale, add test mode (r=cviecco,keeler) 2014-05-08 17:18:50 -07:00
Camilo Viecco
b1148150bc Bug 1007986 - Remove 1024 bit roots from mozilla pin list. r=mmc 2014-05-09 10:58:47 -07:00
Camilo Viecco
ae2571aa01 Bug 1006107 - Disable pining by default, setup pinning for *.addons.mozilla.org. r=dkeeler
--HG--
extra : rebase_source : 93b1dbd5dc31490424060729a3941deffa8ee1d5
2014-05-05 13:59:32 -07:00
Monica Chew
b049aa3cac Bug 1005364: Disable pinning for all mozilla properties (r=keeler) 2014-05-04 15:36:38 -07:00
Monica Chew
92fa29b307 Bug 1002696 - Minimum set of changes to make genHPKPStaticPins.js productionizable. r=cviecco, dkeeler
--HG--
rename : security/manager/boot/src/PreloadedHPKPins.json => security/manager/tools/PreloadedHPKPins.json
rename : security/manager/boot/src/genHPKPStaticPins.js => security/manager/tools/genHPKPStaticPins.js
2014-05-01 14:48:37 -07:00
David Keeler
d33e060a52 bug 969758 - ignore "snionly" property in Google's HSTS preload list r=cviecco DONTBUILD because NPOTB 2014-03-21 14:09:04 -07:00
David Keeler
a421073e54 bug 947759 - unconditionally add Google sites to the HSTS preload list r=cviecco DONTBUILD NPOTB 2014-01-15 11:22:06 -08:00
David Keeler
d28656fb1a bug 959796 - refactor error reporting in getHSTSPreloadList.js r=cviecco DONTBUILD NPOTB 2014-01-15 11:20:55 -08:00
David Keeler
183762aa4e bug 950253 - fix typo in getHSTSPreloadList.js r=briansmith DONTBUILD because NPOTB 2013-12-13 16:06:54 -08:00
David Keeler
8ee812c1c4 bug 903762 - be more strict about removing HSTS preload list entries r=cviecco 2013-08-15 15:48:39 -07:00
David Keeler
9cbdeb8d74 bug 887052 - rename nsIStrictTransportSecurityService to nsISiteSecurityService for refactoring r=cviecco r=mcmanus r=jst sr=jst
--HG--
rename : netwerk/base/public/nsIStrictTransportSecurityService.idl => netwerk/base/public/nsISiteSecurityService.idl
rename : security/manager/boot/src/nsStrictTransportSecurityService.cpp => security/manager/boot/src/nsSiteSecurityService.cpp
rename : security/manager/boot/src/nsStrictTransportSecurityService.h => security/manager/boot/src/nsSiteSecurityService.h
2013-08-02 15:48:37 -07:00
Ryan VanderMeulen
f5e9dc8c73 Backed out changesets 5f8a88c6d0c8 and 97fcb5a154d8 (bug 887052) for OSX mochitest-other orange.
--HG--
rename : netwerk/base/public/nsISiteSecurityService.idl => netwerk/base/public/nsIStrictTransportSecurityService.idl
rename : security/manager/boot/src/nsSiteSecurityService.cpp => security/manager/boot/src/nsStrictTransportSecurityService.cpp
rename : security/manager/boot/src/nsSiteSecurityService.h => security/manager/boot/src/nsStrictTransportSecurityService.h
2013-08-05 16:18:06 -04:00
David Keeler
2333ac300d bug 887052 - rename nsIStrictTransportSecurityService to nsISiteSecurityService for refactoring r=cviecco r=mcmanus r=jst sr=jst
--HG--
rename : netwerk/base/public/nsIStrictTransportSecurityService.idl => netwerk/base/public/nsISiteSecurityService.idl
rename : security/manager/boot/src/nsStrictTransportSecurityService.cpp => security/manager/boot/src/nsSiteSecurityService.cpp
rename : security/manager/boot/src/nsStrictTransportSecurityService.h => security/manager/boot/src/nsSiteSecurityService.h
2013-07-01 09:30:11 -07:00
Ehsan Akhgari
9854ac6166 Bug 872127 - Part 2: Replace mozilla/StandardInteger.h with stdint.h; r=Waldo,ted 2013-07-30 10:25:31 -04:00
David Keeler
3bced0e559 bug 847621 - follow-up to fix SOURCE url r=bsmith DONTBUILD because NPOTB 2013-04-15 11:51:52 -07:00
David Keeler
6462811a45 bug 847621 - HSTS preload list: be more careful about dropping sites r=cviecco sr=bsmith DONTBUILD because NPOTB 2013-04-12 10:20:01 -07:00
David Keeler
f28e120d8c bug 822771 - add timeout to getHSTSPreloadList.js' XHRs r=bsmith DONTBUILD (NPOB) 2013-01-29 11:56:57 -08:00
David Keeler
b01ad0081c bug 819106 - update processStsHeader call in hsts preload list script r=bsmith DONTBUILD (NPOTB) 2012-12-06 16:46:00 -08:00
David Keeler
48d041d98a bug 800444 - disable HSTS preload list if firefox has not updated in 18 weeks r=bsmith, mayhemer 2012-10-26 09:50:23 -07:00
David Keeler
2148728e6b bug 786417 - filter the hsts preload list to sites that actually send the header r=bsmith, mayhemer 2012-10-15 14:43:57 -07:00
David Keeler
20b92d9190 Bug 760307 - Preloaded strict-transport-security site list. r=mayhemer, bsmith 2012-08-24 14:17:27 -07:00