Widespread Firefox issues

Constantine A. Murenin mureninc at gmail.com
Sat May 4 03:01:40 UTC 2019

On Fri, 3 May 2019 at 20:57, Brielle Bruns <bruns at 2mbit.com> wrote:

> Just an FYI since this is bound to impact users:
> https://bugzilla.mozilla.org/show_bug.cgi?id=1548973
> Basically, Mozilla forgot to renew an intermediate cert, and people's
> Firefox browsers have mass-disabled addons.
> Whoops.

This is why it's important that every single website on the internet is
available ONLY over HTTPS.  Don't forget to install an HSTS policy, too,
so, if anyone ever visits Kazakhstan or a security-conscious corporate
office, they'll be prevented from accessing the cute pictures of cats on
your fully static website.  Of course, don't forget to abandon HTTP, too,
and simply issue 301 Moved Permanently redirects from all HTTP targets to
HTTPS, to cover all the bases.

Backwards compatibility?  Don't you worry — no browser lets anyone remove
HSTS, once installed, so, you're golden.  And HTTPS links won't fallback to
HTTP, either, so, you're good there, too — your cute cats are safe and
secure, and once folks link to your new site under https://, your future
self will be safe and secure from ever having the option to go insecure
again.  I mean, why would anyone go "insecure"?  Especially now with

Oh, wait…

Wait a moment, and who's the biggest player behind the HTTPS-only
movement?  Oh, and Mozilla's one of the biggest backers of LetsEncrypt,
too?  I see…  Well, nothing to see here, move along!  #TooBigToFail.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20190503/0d637986/attachment.html>

More information about the NANOG mailing list