Open
Bug 930497
Opened 11 years ago
Updated 6 months ago
Thunderbird ask for all PINs of a FINeID smartcard although only PIN1 is needed for email signing (pin2 is for web)
Categories
(NSS :: Libraries, defect, P5)
Tracking
(Not tracked)
UNCONFIRMED
People
(Reporter: mozilla, Unassigned)
Details
User Agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Firefox/24.0 (Beta/Release) Build ID: 2013091200 Steps to reproduce: Use a Finnish FINeID PKCS#15 smart card via OpenSC. Added the card as per instructions. Selected the appropriate certificate for email-signing. Actual results: The Finnish FINeID card has 2 certificates of which the first is for email-signing and web-identification and the second for official signatures. Both certificate have different PINs. On card insert or access, Thunderbird asks the PINs for both certificates, although only the first certificate is selected in identity/security options. Signing itself works correctly. NOTICE: Firefox has the same issue - also always asks for both PINs, no matter if only one certificate is selected! Please create a crosslink bug! Expected results: TB should only access certificates which are actually used/needed from a card with multiple certificates.
|
||
Comment 1•8 years ago
|
||
Stefan, can you still reproduce this when using a current version?
Flags: needinfo?(mozilla)
|
Reporter | |
Comment 2•8 years ago
|
||
Actually, I mostly stopped using Thunderbird because of a number of issues with signatures and others. See - among others Bug 947593. After TB recently also started asking the smartcard PIN on startup to authenticate to IRC servers (also not requested), I dropped TB on almost all my systems.
Flags: needinfo?(mozilla)
|
|
||
Comment 3•8 years ago
|
||
(In reply to Stefan Gofferje from comment #2) > ... > After TB recently also started asking the smartcard PIN on startup to > authenticate to IRC servers (also not requested), I dropped TB on almost all > my systems. Thanks Stefan. Can you give a time frame or version number to when the behavior regressed?
Flags: needinfo?(mozilla)
|
|
||
Comment 4•5 years ago
|
||
Does this issue sound familiar?
I thought I recently read something recently about thread safe issue in NSS
(reporter is gone)
Flags: needinfo?(mozilla)
Flags: needinfo?(mkmelin+mozilla)
Flags: needinfo?(kaie)
Summary: Thunderbird ask for all PINs of a FINeID smartcard although only PIN1 is needed → Thunderbird ask for all PINs of a FINeID smartcard although only PIN1 is needed for email signing (pin2 is for web)
|
||
Comment 6•5 years ago
|
||
This seems to be a general issue with smartcard support in NSS, probably not specific to Thunderbird.
Assignee: nobody → nobody
Component: Security → Libraries
Flags: needinfo?(kaie)
Product: Thunderbird → NSS
QA Contact: jjones
Version: 24 Branch → other
|
||
Updated•2 years ago
|
Severity: normal → S3
|
||
Updated•6 months ago
|
Severity: S3 → S4
Priority: -- → P5
You need to log in
before you can comment on or make changes to this bug.
Description
•