[tor-bugs] #25146 [Internal Services/Tor Sysadmin Team]: Enable HPKP for aus1
Tor Bug Tracker & Wiki
blackhole at torproject.org
Mon Feb 5 12:40:43 UTC 2018
#25146: Enable HPKP for aus1
-----------------------------------------------------+-----------------
Reporter: gk | Owner: tpa
Type: task | Status: new
Priority: Medium | Milestone:
Component: Internal Services/Tor Sysadmin Team | Version:
Severity: Normal | Keywords:
Actual Points: | Parent ID:
Points: | Reviewer:
Sponsor: |
-----------------------------------------------------+-----------------
So, this seems to have been fallen through the cracks. A while ago I got
asked to ask Mozilla how to get subdomains added to the HPKP list. I got
the info and tried to move that forward in #tor-project but that failed.
So, here is where we are
{{{
18:01 < GeKo> so i asked around a bit a while back wrt getting more tpo
subdomains in the static firefox pin list.
18:02 < GeKo> and the answer was basically to open a ticket on bugzilla
18:02 < GeKo> probably similar to
https://bugzilla.mozilla.org/show_bug.cgi?id=1219185
18:03 < GeKo> or maybe even better as a child bug to the pin all the
things one:
https://bugzilla.mozilla.org/show_bug.cgi?id=1004350
18:03 < GeKo> i'd be especially interested in static pins for the updater
related
subdomains
18:04 < GeKo> what's the process for getting this moved forward?
}}}
One thing to consider is that Google is deprecating HPKP and pushing for
CT. Not sure how that influences our decision for supporting HPKP
ourselves
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/25146>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list