
Mozilla To Support Public Key Pinning In Firefox 32

Trailrunner7 writes: Mozilla is planning to add support for public-key pinning in its Firefox browser in an upcoming version. In version 32, which would be the next stable version of the browser, Firefox will have key pins for a long list of sites, including many of Mozilla's own sites, all of the sites pinned in Google Chrome and several Twitter sites. Public-key pinning has emerged as an important defense against a variety of attacks, especially man-in-the-middle attacks and the issuance of fraudulent certificates. The function essentially ties a public key, or set of keys, issued by known-good certificate authorities to a given domain. So if a user's browser encounters a site that's presenting a certificate that isn't included in the set of pinned public keys for that domain, it will then reject the connection. The idea is to prevent attackers from using fake certificates in order to intercept secure traffic between a user and the target site.
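
The pin check described in the summary, as an added example that is not part of the original submission or Mozilla's code. It assumes pins are stored as base64 SHA-256 hashes of a certificate's SubjectPublicKeyInfo (the RFC 7469 form) and that one matching key anywhere in the validated chain satisfies the pin set; the hosts, the `PINSETS` table and the key bytes are constructed for illustration.

```python
import base64
import hashlib

def spki_pin(spki_der: bytes) -> str:
    """Pin = base64(SHA-256(DER SubjectPublicKeyInfo)), the RFC 7469 form."""
    return base64.b64encode(hashlib.sha256(spki_der).digest()).decode("ascii")

# Constructed stand-ins for DER SubjectPublicKeyInfo bytes (not real keys).
LEAF = b"constructed SPKI: site leaf key"
PINNED_CA = b"constructed SPKI: known-good CA"
BACKUP_CA = b"constructed SPKI: second known-good CA"
OTHER_CA = b"constructed SPKI: CA outside the pin set"

# Hypothetical preload table: host -> pinned key hashes and subdomain policy.
PINSETS = {
    "example.test": {"include_subdomains": True,
                     "pins": {spki_pin(PINNED_CA), spki_pin(BACKUP_CA)}},
    "exact.test": {"include_subdomains": False,
                   "pins": {spki_pin(PINNED_CA)}},
}

def find_pinset(host, pinsets=PINSETS):
    """Return the entry covering host, matching on whole DNS labels only."""
    labels = host.lower().rstrip(".").split(".")
    for i in range(len(labels)):
        entry = pinsets.get(".".join(labels[i:]))
        # A parent entry applies to a subdomain only if it opts in.
        if entry and (i == 0 or entry["include_subdomains"]):
            return entry
    return None

def check_pins(host, chain_spkis, pinsets=PINSETS):
    """Run after normal chain validation; chain_spkis is ordered leaf to root."""
    entry = find_pinset(host, pinsets)
    if entry is None:
        return "unpinned"  # no pins: ordinary CA validation decides
    presented = {spki_pin(spki) for spki in chain_spkis}
    # One matching key anywhere in the chain satisfies the pin set.
    return "accept" if presented & entry["pins"] else "reject"

if __name__ == "__main__":
    print(check_pins("www.example.test", [LEAF, PINNED_CA]))
    print(check_pins("www.example.test", [LEAF, OTHER_CA]))
```

The second call is the fraudulent-certificate case: the chain may validate against a trusted CA, but none of its keys is in the pin set for the domain, so the connection is rejected.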

  • Re: Not far enough (Score:3, Interesting)

    by Anonymous Coward on Friday August 29, 2014 @05:17PM (#47787159)

    If Mozilla would just implement DANE that would solve the problem.

  • Re:Please... (Score:5, Interesting)

    by tlhIngan ( 30335 ) <slashdot&worf,net> on Saturday August 30, 2014 @03:46AM (#47789863)

    How about a stable 64-bit version for Windows,

    There were stable builds for Windows. The problem was people needed plugins which weren't available (because a 64-bit browser can't run 32-bit plugins without a thunk layer). Chrome did it because Chrome ships with the plugins recompiled for 64-bit (because Google has the source code to Flash and all that).

    It's the same reason why Microsoft actively discourages use of the 64-bit version of Office.

    Though, other than being "64-bit", is there a real reason for having a 64-bit browser?
