Closed Bug 101354 Opened 23 years ago Closed 8 years ago

Various feature requests for unknown CA alert

Categories

(Core Graveyard :: Security: UI, enhancement, P4)

1.0 Branch
enhancement

Tracking

(Not tracked)

RESOLVED DUPLICATE of bug 1241065

People

(Reporter: timeless, Unassigned)

References

()

Details

try to load https://sourceforge.net in a new mozilla w32 build get: There is a problem with the certificate that identitfies "sourceforge.net". Do you want to continue? The certificate was issued by a certificate authority that Mozilla does not recognize. <View Certificate> [ ] Remember this certificate permanently <Continue> <Cancel> <Help> ok. there is not one problem, there are at least 3 problems. 1. there's no title, to be useful i'd like the site "sourceforge.net" to be listed in the title if nothing else. <- i'll file this as a new bug if people object 2. the issuer is not listed in the dialog (you have to view the certificate, which takes forever to open and close). <- i'll file this as a few new bugs if people object 3. you can't add the authority from this dialog (or the details dialog). <- this is the raison d'être 4. The text at the top of the message is so generic as to be utterly useless. I need to skip it because it contains no useful information. <- i'll complain elsewhere if people wish 5. Continue what? by the time i've gotten to continue i'm not quite sure what i'm doing because the question is asked, and then a random statement (explaining why you asked the question) is given, and then i get some choices. Which of course don't match the question. 6. I seem to recall that spec required Certificate Authority to use initial caps. ok, well there are two more big ones, which i need to file separately 7. View Certificate needs to be able to <validate> against the certificate authority w/o requiring the authority to be added 8. This stupid dialog stops *ALL* network traffic. ok so this is more than 3 ... 9. The authority for sourceforge is major. And therefore i should not have gotten this dialog in the first place. Here are two proposals. 1. Add <Add Authority> to the left of <Continue> and make it do what it says (including dismiss the dialog -- i think...) 2. Rework the dialog to do at least 1. <dialog title="Unknown Certificate Authority for &sitename;"> <image class="alert"/>&issuername;, the issuer of this certificate is not in your Certificate Authority list. <hbox><button label="Add Authority"/><button label="View Certificate"/><button label="Help"/></hbox> <hbox><button label="Remember Certificate"/><button label="Accept Certificate"/><button label="Cancel"/></hbox></dialog> This form would go nicely with the following other forms: <dialog title="Certificate for &sitename; expired &daydelta"> <image class="alert"/>It was issued on &issuedate; and expired on &expirydate;. <hbox><button label="View Certificate"/><button label="Help"/></hbox> <hbox><button label="Remember Certificate"/><button label="Accept Certificate"/><button label="Cancel"/></hbox></dialog>
OS: Windows 98 → All
The UI for this dialog was redesigned under mpt's guidelines, with input by doc writers, etc..., by Hwaara (see bug 91466). We're also thinking of implementing bug 99411, which would moot most of the issues listed in the bug. sourceforge.net CA is already in the browser. something must be wrong with either your build, or your profile.
Severity: normal → enhancement
Priority: -- → P4
Target Milestone: --- → Future
my profile is less than one month old, and has only seen 2 or 3 mozilla versions. However, it was created by winEmbed and not mozilla. I'll try a new profile today. Yes mpt and hwaara reworked the dialog, however in our view (me and some colleagues @work) the dialog is totally useless. the fact that you're considering bug 99411 indicates that some of the design theories that formed the basis for their reworking were fatally flawed. In the interim, please implement 1.
I wanted Håkan to do what's described in bug 99411 instead of bug 91466, but he wanted to decruft the individual alerts first. So the reasoning for Timeless's `fatally flawed' statement is rubbish. (1) is invalid, because it would slow the user down by misleading them into thinking that the title was useful, when it wouldn't be because the hostname is in the alert text already. (2) is a good point which should be fixed. (I can't remember why it wasn't done in the first place.) (3) is possible, though it would need to replace the current checkbox since having more than one checkbox in a confirmation alert would be really icky. (4) is necessary preparation for bug 99411, so it's rather amusing to advocate that bug while simultaneously complaining about its text. (5) is invalid. The question asks if you want to continue, and the button is labelled `Continue'. Just like an alert which asks you if you want to save, where the button is labelled `Save'. (6) I have no idea about, but it sounds like a bug in the spec. (7) would be nice -- it could be a `Validate...' button alongside `Cancel' and `Continue'. (8) is a separate Networking bug, probably. (9) seems to be your profile. So, we want: * the name of the unknown CA included in the alert text * changing the checkbox text and function to `Accept future certificates issued by {name of authority}' * the ability to validate a certificate issued by an unknown CA (is this possible?) * certificate checks to refrain from blocking other HTTP requests. These are highly unrelated features, so they really need separate bugs.
Hardware: PC → All
Summary: There is a problem with the dialog that does not identify itself, it portrays that the certificate that identifies some server was issued by an unrecognized (albeit major) issuing authority → Various feature requests for unknown CA alert
Mass reassign ssaux bugs to nobody
Assignee: ssaux → nobody
Mass change "Future" target milestone to "--" on bugs that now are assigned to nobody. Those targets reflected the prioritization of past PSM management. Many of these should be marked invalid or wontfix, I think.
Target Milestone: Future → ---
Product: PSM → Core
QA Contact: junruh → ui
Given that bug 327181 has now been fixed, is this bug relevant anymore?
Version: psm2.1 → 1.0 Branch
2 is most certainly not fixed (there might be a bug for it), but yes, find me a bug for that and you're free to mark this as wfm/wont
2 will be addressed by bug 1241065.
Status: NEW → RESOLVED
Closed: 8 years ago
Resolution: --- → DUPLICATE
Product: Core → Core Graveyard
You need to log in before you can comment on or make changes to this bug.