Forgot your password?
typodupeerror
Firefox Encryption Mozilla Security

Mozilla To Support Public Key Pinning In Firefox 32 90

Posted by Soulskill
from the pin-the-key-on-the-fox dept.
Trailrunner7 writes: Mozilla is planning to add support for public-key pinning in its Firefox browser in an upcoming version. In version 32, which would be the next stable version of the browser, Firefox will have key pins for a long list of sites, including many of Mozilla's own sites, all of the sites pinned in Google Chrome and several Twitter sites. Public-key pinning has emerged as an important defense against a variety of attacks, especially man-in-the-middle attacks and the issuance of fraudulent certificates. The function essentially ties a public key, or set of keys, issued by known-good certificate authorities to a given domain. So if a user's browser encounters a site that's presenting a certificate that isn't included in the set of pinned public keys for that domain, it will then reject the connection. The idea is to prevent attackers from using fake certificates in order to intercept secure traffic between a user and the target site.
This discussion has been archived. No new comments can be posted.

Mozilla To Support Public Key Pinning In Firefox 32

Comments Filter:
  • by Etzos (3726819) on Friday August 29, 2014 @06:03PM (#47787401)
    Probably sometime after electrolysis[1] (e10s) lands. That's probably going to take a while because there's a lot to do between now and when it will be deemed release ready (add-on compatibility, switching some internal components over to e10s friendly versions, memory checks, and various other odds and ends).

    If it's flash or other plugins that were causing the CPU usage then recent versions of Firefox already have that covered. Plugins can be set to click to activate (so it will only run on sites you enable it for) and if one does run out of control then killing the "plugin-container" child process will kill all of the plugins (which can then be reloaded by reloading the tab). As for Javascript running out of control for a particular tab, there's no current solution.

    [1] https://wiki.mozilla.org/Elect... [mozilla.org]
  • by Charliemopps (1157495) on Friday August 29, 2014 @06:40PM (#47787599)

    Sorry! I'm totally wrong! The corporate MITM will work just fine once it is updated:

    Props for correcting yourself. Integrity's sexy.

If a listener nods his head when you're explaining your program, wake him up.

Working...