[cabfpub] URLs relating to Mozilla browser update
Gervase Markham
gerv at mozilla.org
Wed Mar 11 12:18:15 MST 2015
The following URLs relate to things shared in the Mozilla browser update
at the face-to-face:
SSL 3 disablement bug:
https://bugzilla.mozilla.org/show_bug.cgi?id=1076983
Small EV keys disablement bug:
https://bugzilla.mozilla.org/show_bug.cgi?id=622859
RC4 weakness at Black Hat:
https://www.blackhat.com/asia-15/briefings.html#bar-mitzva-attack-breaking-ssl-with-13-year-old-rc4-weakness
List of RC4-only sites:
https://bugzilla.mozilla.org/showdependencytree.cgi?id=1138101&hide_resolved=1
Final 1024-bit root removal bug:
https://bugzilla.mozilla.org/show_bug.cgi?id=1132496
Superfish blog post:
https://blog.mozilla.org/security/2015/02/27/getting-superfish-out-of-firefox/
Revocation plan:
https://wiki.mozilla.org/CA:RevocationPlan
OneCRL implementation bug:
https://bugzilla.mozilla.org/show_bug.cgi?id=onecrl
Intermediate revocation notification procedure:
https://wiki.mozilla.org/CA:ImprovingRevocation#Preload_Revocations_of_Intermediate_CA_Certificates
Short-lived certs bug:
https://bugzilla.mozilla.org/show_bug.cgi?id=1141189
Name constraints proposal:
https://wiki.mozilla.org/CA:NameConstraints
CA Policy 2.3 potential items:
https://wiki.mozilla.org/CA:CertPolicyUpdates#Consider_for_Version_2.3
Gerv
More information about the Public
mailing list