101354 - Various feature requests for unknown CA alert

Status: RESOLVED DUPLICATE of bug 1241065

(Core Graveyard :: Security: UI, enhancement, P4)

Description

[timeless]

try to load https://sourceforge.net in a new mozilla w32 build
get:
There is a problem with the certificate that identitfies "sourceforge.net". Do
you want to continue?

The certificate was issued by a certificate authority that Mozilla does not
recognize.

<View Certificate>

[ ] Remember this certificate permanently
<Continue> <Cancel> <Help>

ok. there is not one problem, there are at least 3 problems.
1. there's no title, to be useful i'd like the site "sourceforge.net" to be
listed in the title if nothing else. <- i'll file this as a new bug if people object
2. the issuer is not listed in the dialog (you have to view the certificate,
which takes forever to open and close). <- i'll file this as a few new bugs if
people object
3. you can't add the authority from this dialog (or the details dialog). <- this
is the raison d'être
4. The text at the top of the message is so generic as to be utterly useless. I
need to skip it because it contains no useful information. <- i'll complain
elsewhere if people wish
5. Continue what? by the time i've gotten to continue i'm not quite sure what
i'm doing because the question is asked, and then a random statement (explaining
why you asked the question) is given, and then i get some choices. Which of
course don't match the question.
6. I seem to recall that spec required Certificate Authority to use initial caps.

ok, well there are two more big ones, which i need to file separately
7. View Certificate needs to be able to <validate> against the certificate
authority w/o requiring the authority to be added
8. This stupid dialog stops *ALL* network traffic.
ok so this is more than 3 ...
9. The authority for sourceforge is major. And therefore i should not have
gotten this dialog in the first place.

Here are two proposals.

1. Add <Add Authority> to the left of <Continue> and make it do what it says
(including dismiss the dialog -- i think...)

2. Rework the dialog to do at least 1.
<dialog title="Unknown Certificate Authority for &sitename;">
<image class="alert"/>&issuername;, the issuer of this certificate is not in
your Certificate Authority list.
<hbox><button label="Add Authority"/><button label="View Certificate"/><button
label="Help"/></hbox>
<hbox><button label="Remember Certificate"/><button label="Accept
Certificate"/><button label="Cancel"/></hbox></dialog>

This form would go nicely with the following other forms:
<dialog title="Certificate for &sitename; expired &daydelta">
<image class="alert"/>It was issued on &issuedate; and expired on &expirydate;.
<hbox><button label="View Certificate"/><button label="Help"/></hbox>
<hbox><button label="Remember Certificate"/><button label="Accept
Certificate"/><button label="Cancel"/></hbox></dialog>

Comment 1

[Stephane Saux]

The UI for this dialog was redesigned under mpt's guidelines, with input by doc
writers, etc..., by Hwaara (see bug 91466).

We're also thinking of implementing bug 99411, which would moot most of the
issues listed in the bug.

sourceforge.net CA is already in the browser.  something must be wrong with
either your build, or your profile.

Comment 2

[timeless]

my profile is less than one month old, and has only seen 2 or 3 mozilla 
versions.  However, it was created by winEmbed and not mozilla.  I'll try a new 
profile today. 

Yes mpt and hwaara reworked the dialog, however in our view (me and some 
colleagues @work) the dialog is totally useless.

the fact that you're considering bug 99411 indicates that some of the design 
theories that formed the basis for their reworking were fatally flawed.

In the interim, please implement 1.

Comment 3

[Matthew T (active 1999-2002)]

I wanted Håkan to do what's described in bug 99411 instead of bug 91466, but he 
wanted to decruft the individual alerts first. So the reasoning for Timeless's 
`fatally flawed' statement is rubbish.

(1) is invalid, because it would slow the user down by misleading them into
    thinking that the title was useful, when it wouldn't be because the
    hostname is in the alert text already.
(2) is a good point which should be fixed. (I can't remember why it wasn't done
    in the first place.)
(3) is possible, though it would need to replace the current checkbox since
    having more than one checkbox in a confirmation alert would be really icky.
(4) is necessary preparation for bug 99411, so it's rather amusing to advocate
    that bug while simultaneously complaining about its text.
(5) is invalid. The question asks if you want to continue, and the button is
    labelled `Continue'. Just like an alert which asks you if you want to save,
    where the button is labelled `Save'.
(6) I have no idea about, but it sounds like a bug in the spec.
(7) would be nice -- it could be a `Validate...' button alongside `Cancel' and
    `Continue'.
(8) is a separate Networking bug, probably.
(9) seems to be your profile.

So, we want:
*   the name of the unknown CA included in the alert text
*   changing the checkbox text and function to `Accept future certificates
    issued by {name of authority}'
*   the ability to validate a certificate issued by an unknown CA (is this
    possible?)
*   certificate checks to refrain from blocking other HTTP requests.

These are highly unrelated features, so they really need separate bugs.

Comment 4

[John G. Myers]

Mass reassign ssaux bugs to nobody

Comment 5

[Nelson Bolyard (seldom reads bugmail)]

Mass change "Future" target milestone to "--" on bugs that now are assigned to
nobody.  Those targets reflected the prioritization of past PSM management.
Many of these should be marked invalid or wontfix, I think.

Comment 6

[AndrewM]

Given that bug 327181 has now been fixed, is this bug relevant anymore?

Comment 7

[timeless]

2 is most certainly not fixed (there might be a bug for it), but yes, find me a bug for that and you're free to mark this as wfm/wont

Comment 8

[Dana Keeler (she/her) (use needinfo) [:keeler] (on leave)]

2 will be addressed by bug 1241065.