Closed Bug 1018876 Opened 6 years ago Closed 6 years ago

(mozilla::pkix) FF32 revoked EV cert checks fails

Categories

(Core :: Security: PSM, defect)

32 Branch
x86
Windows 7
defect
Not set

Tracking

()

RESOLVED DUPLICATE of bug 997509
Tracking Status
firefox29 --- unaffected
firefox30 --- unaffected
firefox31 - affected
firefox32 - affected

People

(Reporter: vijay, Unassigned)

References

Details

(Keywords: regression)

User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_3) AppleWebKit/537.76.4 (KHTML, like Gecko) Version/7.0.4 Safari/537.76.4

Steps to reproduce:

Visit https://test-sspev.verisign.com:2443/test-SSPEV-revoked-verisign.html in FF32. 



Actual results:

The site is displayed without any errors or warnings 


Expected results:

The site should fail, as the cert has been revoked. FF29 correctly identifies the cert as revoked and provides a warning.
OS: Mac OS X → Windows 7
I can reproduce on mac on 32, but not on 30. Don't know when this regressed.
Status: UNCONFIRMED → NEW
Component: Untriaged → General
Ever confirmed: true
Product: Firefox → Core
Oh, nevermind.

Totes blaming bug 990248. I didn't realize, from the summary, that this was a Thing.

David, this seems serious. Can you look into it, please? :-)
Blocks: 990248
Flags: needinfo?(dkeeler)
Component: General → Security: PSM
Serious issue. Tracking.
The "is revoked" response is expired. See bug 997509
Depends on: 997509
Yes - we're going to change how expired responses that also indicate a revoked/unknown certificate are handled.
Status: NEW → RESOLVED
Closed: 6 years ago
Flags: needinfo?(dkeeler)
Resolution: --- → DUPLICATE
Duplicate of bug: 997509
Duplicate, not tracking anymore.
You need to log in before you can comment on or make changes to this bug.