Bug 1399959 - Prefer hardware instead of software U2F tokens r?keeler draft
authorJ.C. Jones <jjones@mozilla.com>
Thu, 14 Sep 2017 10:51:20 -0700
changeset 664961 d32cf43c0126e6f46a69aac806d9d9e0ae89a365
parent 664736 dd6b788f149763c4014c27f2fe1a1d13228bda82
child 731607 483df47aeead64e34e63a0fcf2706f9cdffb7408
push id79877
push userbmo:jjones@mozilla.com
push dateThu, 14 Sep 2017 17:51:41 +0000
reviewerskeeler
bugs1399959, 1388851
milestone57.0a1
Bug 1399959 - Prefer hardware instead of software U2F tokens r?keeler Bug 1388851 adds hardware U2F support to Gecko; the instructions to test involve flipping two prefs, but the common case will be using harwdare tokens, so this patch makes users only haave to flip the "security.webauth.u2f" or "security.webauth.webauthn" prefs as they choose. MozReview-Commit-ID: 346120ZI8p4
security/manager/ssl/security-prefs.js
--- a/security/manager/ssl/security-prefs.js
+++ b/security/manager/ssl/security-prefs.js
@@ -111,17 +111,17 @@ pref("security.pki.netscape_step_up_poli
 // Configures Certificate Transparency support mode:
 // 0: Fully disabled.
 // 1: Only collect telemetry. CT qualification checks are not performed.
 pref("security.pki.certificate_transparency.mode", 0);
 
 pref("security.webauth.u2f", false);
 pref("security.webauth.webauthn", false);
 pref("security.webauth.webauthn_enable_softtoken", false);
-pref("security.webauth.webauthn_enable_usbtoken", false);
+pref("security.webauth.webauthn_enable_usbtoken", true);
 
 pref("security.ssl.errorReporting.enabled", true);
 pref("security.ssl.errorReporting.url", "https://incoming.telemetry.mozilla.org/submit/sslreports/");
 pref("security.ssl.errorReporting.automatic", false);
 
 // Impose a maximum age on HPKP headers, to avoid sites getting permanently
 // blacking themselves out by setting a bad pin.  (60 days by default)
 // https://tools.ietf.org/html/rfc7469#section-4.1