*Summary*: As of Firefox 75, Intermediate CA Preloading will be enabled for
all Desktop users. This means that all intermediate CAs disclosed to
Mozilla will be pre-loaded into profiles, combatting the common secure
website misconfiguration of forgetting to include these certificates.
Previously, progression of this work was stalled by a dependency on rkv
improvements; this has now been resolved. Further details can be found this
comprehensive dev-platform post:
https://groups.google.com/forum/#!msg/mozilla.dev.platform/ATbLAQpWLXE/BZqxGxyyBQAJ
*Tracking Bug*: <
https://bugzilla.mozilla.org/show_bug.cgi?id=1562657>
https://bugzilla.mozilla.org/show_bug.cgi?id=1535662
*Standard*: N/A.
*Estimated target release*: Firefox 75
*Platform coverage*: All Desktop platforms.
*Preference*: We intend to ship this feature as enabled by default, but it
may be disabled by setting the
“security.remote_settings.intermediates.enabled" pref to ‘false’.
*DevTools bug*: N/A.
*Other browsers*: N/A.
*Testing*: Enabled in pre-release since Firefox 68
*Secure contexts*: N/A.
*Bug to enable*:
https://bugzilla.mozilla.org/show_bug.cgi?id=1603834
Please do not hesitate to reach out if you have any further questions or
concerns.
Best,
Thyla
--
Dr. Thyla van der Merwe
Cryptography Engineering Manager