Bug 1780787 - signingscript: remove digicerthack #584

Merged
merged 6 commits into from Jan 24, 2023


jcristau
Contributor

DigiCert's timestamp server now includes an intermediate in its response that serves our purposes (chains to a root that's included in Windows 7), so we don't need to mess with the certificates ourselves anymore.

@jcristau jcristau requested a review from a team November 16, 2022 14:19
Contributor

@JohanLorenzo JohanLorenzo left a comment

This looks good to me based on the fact that we're just reverting commits and based on the thorough explanation in bug 1780787 comment 1.

Do we have a way to test this on try and nightly first? If we could make this change ride the trains, that would give us some leeway to ensure the timing is right and we don't break anything. That said, I'm not going to block on this 🙂

signingscript/tox.ini (review thread resolved)
@jcristau
Contributor Author

> This looks good to me based on the fact that we're just reverting commits and based on the thorough explanation in bug 1780787 comment 1.
>
> Do we have a way to test this on try and nightly first? If we could make this change ride the trains, that would give us some leeway to ensure the timing is right and we don't break anything. That said, I'm not going to block on this 🙂

There's a few things we could do. Off the top of my head:

  • turn off the hack for adhoc, get a binary signed that way, and test it, before we remove the code
  • add a "turn off the hack for me please" param in the task payload, and land a patch in-tree to set it, so it can ride the trains; once we're happy we can remove the code and ignore the flag
  • turn off the hack for nightly and dep signing, and test on nightly, before we remove the code

It all depends on the amount of effort we want to spend vs the risk. I'm reasonably comfortable landing this directly after the checks I've done, but I could be convinced to go for a more cautious approach.

@jcristau jcristau changed the title Bug 1780787 - remove digicerthack Bug 1780787 - signingscript: remove digicerthack Nov 16, 2022
@JohanLorenzo
Contributor

Thanks for thinking these options through, @jcristau! To me, the third one is the most pragmatic. We can test this on the Nightly population without landing many patches in various places.

@jcristau
Contributor Author

> Thanks for thinking these options through, @jcristau! To me, the third one is the most pragmatic. We can test this on the Nightly population without landing many patches in various places.

Cool. Doing this in #588

@jcristau jcristau merged commit 22b191e into mozilla-releng:master Jan 24, 2023
@jcristau jcristau deleted the remove-digicerthack branch January 24, 2023 12:07