mkaply
commented
1 year ago These OCSP prefs are able to set via the Preferences policy starting with 114
"security.OCSP.enabled",
"security.OCSP.require",
"security.ssl.enable_ocsp_stapling",Closed htcfreek closed 7 months ago
mkaply
commented
1 year ago These OCSP prefs are able to set via the Preferences policy starting with 114
"security.OCSP.enabled",
"security.OCSP.require",
"security.ssl.enable_ocsp_stapling",
htcfreek
commented
1 year ago These OCSP prefs are able to set via the Preferences policy starting with 114
"security.OCSP.enabled", "security.OCSP.require", "security.ssl.enable_ocsp_stapling",
Yes. But not security.ssl.enable_ocsp_must_staple. Why?
mkaply
commented
1 year ago It's set true by default. Are you concerned a user would go to about:config and turn it off?
htcfreek
commented
1 year ago It's set true by default. Are you concerned a user would go to about:config and turn it off?
This is prevented by "Block about:config" policy. But I like to force the setting in case Mozilla changes something in the future.
mkaply
commented
7 months ago The feedback from the team was that this won't change and you should be fine. If it becomes an issue, we can add it.
Please allow to force the preference "security.ssl.enable_ocsp_must_staple" to be enabled (true) using the Prefs policy.
Btw, it doesn't make sense to me that I can't set it, if I can set "security.ssl.enable_ocsp_stapling" using the policy.