On Tue, 06 Dec 2016 17:14:48 -0500 Colin Walters <walters@xxxxxxxxxx> wrote: > On Tue, Nov 29, 2016, at 02:00 PM, Kevin Fenzi wrote: > > > > The various browsers already have our digicert cert hard coded. > > Hum, really? Reference? > > $ pwd > /home/walters/src/github/mozilla/gecko-dev > $ git rev-parse HEAD > a8b5f53e7df90df655a0982e94087ee83290c22e > $ git grep fedoraproject.org > > Shows me what looks like a HSTS preload entry, but not a ca/cert > pin. (Remember HSTS preload == use https:// by default) ok, I finally found some time to sit down and do some digging and... I can't find it now. ;( I cannot even see the HSTS preload there in firefox/chromium, but that might have gotten kicked out due to a error with paste.fedoraproject.org I can investigate more. So, sorry for that sidetrack/delay... we can move forward AFAICT. kevin
Attachment:
pgpBDQzU6Nc3M.pgp
Description: OpenPGP digital signature
_______________________________________________ infrastructure mailing list -- infrastructure@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to infrastructure-leave@xxxxxxxxxxxxxxxxxxxxxxx
