On Tue, 06 Dec 2016 17:14:48 -0500
Colin Walters <walters(a)verbum.org> wrote:
On Tue, Nov 29, 2016, at 02:00 PM, Kevin Fenzi wrote:
>
> The various browsers already have our digicert cert hard coded.
Hum, really? Reference?
$ pwd
/home/walters/src/github/mozilla/gecko-dev
$ git rev-parse HEAD
a8b5f53e7df90df655a0982e94087ee83290c22e
$ git grep
fedoraproject.org
Shows me what looks like a HSTS preload entry, but not a ca/cert
pin. (Remember HSTS preload == use https:// by default)
ok, I finally found some time to sit down and do some digging and... I
can't find it now. ;(
I cannot even see the HSTS preload there in firefox/chromium, but that
might have gotten kicked out due to a error with
paste.fedoraproject.org I can investigate more.
So, sorry for that sidetrack/delay... we can move forward AFAICT.
kevin