Closed Bug 478763 Opened 15 years ago Closed 8 years ago

Working with multiple personal certificates - selecting one for the session

Categories

(Core Graveyard :: Security: UI, enhancement)

x86
Windows XP
enhancement
Not set
normal

Tracking

(Not tracked)

RESOLVED INCOMPLETE

People

(Reporter: drag_on_fly, Unassigned, NeedInfo)

Details

User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.6) Gecko/2009011913 Firefox/3.0.6
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.6) Gecko/2009011913 Firefox/3.0.6

Currently there are two options in Tools/Options/Advanced/Encryption.
When a server requests my personal certificate:
* Select one automatically
* Ask me every time

Automatic works fine with a single certificate, but with more than one the user has to use the manual option. In the second case, the user is asked to select a certificate at almost every step of a transaction.

Reproducible: Always



Expected Results:  
If possible, it would be better if the user were asked which certificate to use for the new session and, after the selection is made, Firefox used the selected certificate automatically while the session is active.
Interesting idea with some obvious use cases, but over to PSM for further discussion.
Assignee: nobody → kaie
Status: UNCONFIRMED → NEW
Component: Security → Security: UI
Ever confirmed: true
Product: Firefox → Core
QA Contact: firefox → ui
Version: unspecified → Trunk
See also https://wiki.mozilla.org/PSM:CertPrompt
for lots of ideas and details around client auth and multiple certs.
We have other open bugs, but haven't been able yet to work on improvements.
In my particular case as a user there are two bank accounts managed from the same PC. One added lately. In automatic mode Firefox always takes the newer one and the session is broken with an "Invalid certificate" message. It's obvious that fully automatic mode is quite a complicated task. Semi-automatic may be less difficult to accomplish.
Sorry if I've written nonsense.
reassign bug owner.
mass-update-kaie-20120918
Assignee: kaie → nobody
** FIXME FIXME FIXME **

To me, this is more of a *bug* than a feature request...

Even if just one personal cert is installed, other, potentially unwanted, uninvolved open https tabs will also trigger the authentication request popup. In case of several open tabs, it's easy to accidentally click OK, thus sending the certificate to servers not supposed to get that kind of authentication information.

This poses a privacy invasion in cases where such servers usually only get pseudonyms + passwords (e.g. forums), but now are also receiving potentially personally identifiable information - just because of one accidental click.

If this also could pose security implications, I can't judge.

To help avoid such scenarios in the first place, though, it might help to enable personal certs being pinned to selected servers/domains on the first hit, thus preventing accidentally sending personal authentication information to other servers later on, where not applicable/unwanted.

This bug is not exactly NEW anymore... please prioritize this one soon!
Ivan - unless I'm misunderstanding, the current dialog has a checkbox you can check to make Firefox remember that decision for that site for your session. Is this the behavior you're looking for? Or are you saying Firefox should ask what certificate you want to use for every site for a session?

fettucini - it sounds like you're either seeing the master password dialog (known issue: bug 177175 etc.) or you're describing the fundamental privacy problem with client certificates (also known issue, but not easily solvable). In any case, this bug will probably not address your concerns.
Flags: needinfo?(drag_on_fly)
Status: NEW → RESOLVED
Closed: 8 years ago
Resolution: --- → INCOMPLETE
Product: Core → Core Graveyard
Cannot confirm anymore whether the problem was the master password dialog popping up many times, or the sending client cert dialog, back then. What I can confirm is, the problem disappeared shortly after my original comment and it doesn't occur in FF 52.7.