Open Bug 1116625 Opened 9 years ago Updated 2 years ago

poor interaction between "never remember history" and permanently saving certificate exceptions

Categories

(Core :: Security: PSM, defect, P5)

34 Branch
defect

People

(Reporter: fabian.wehning, Unassigned)

References

(Blocks 1 open bug)

Details

(Whiteboard: [psm-backlog])

User Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:34.0) Gecko/20100101 Firefox/34.0
Build ID: 20141126041045

Steps to reproduce:

Open a website with a self-signed SSL certificate (in my case, for example, my own ownCloud server). I wanted to add an exception, but the box to save it permanently is grey.
I then tried to add it manually through the settings. Same problem. The required check-box is grey (disabled).

This is only related to Windows systems. The 34 branch on Linux (in my case Lubuntu 14.10) is working as expected.


Actual results:

After every closing and reopening of Firefox you have to trust this same certificate again. Check-box to save permanently is never accessible.


Expected results:

Check-box to save permanently should be accessible and working. After closing and reopening it should not ask me to set an exception.
Component: Untriaged → Security: PSM
Product: Firefox → Core
Hi Fabian, are you using private browsing and/or do you have your history settings set to "Never remember history"? (see Preferences -> Privacy)
Flags: needinfo?(fabian.wehning)
Hi David,

Yes, I am using the "Never remember history" setting. Is this the reason for this behavior? If this is intended, then there really has to be more documentation on what this setting really does. Even if I switch to private browsing, there is neither any information on certificates nor any option to configure this behavior.
But how do I have to configure my Firefox if I do not want to save my history but be able to save certificates permanently?
Flags: needinfo?(fabian.wehning)
Hi David,

I have tested saving certificates permanently with the "Never remember history" option disabled. The checkbox is active then (as originally expected). If I restart the browser and then enable the option again afterwards, the certificate remains saved even if I manually clear the saved data.
This behavior is inconsistent. Either prohibit saving any site-specific information (and inform the user) or enable the configuration of security-related information even if the option is set.
Looks like the UI is in need of some reworking here. Might be as simple as having some explanatory text in the exception dialog box.
Blocks: 1029832
OS: Windows 7 → All
Hardware: x86_64 → All
Summary: Unable to permanently save an exception of self-signed SSL certificates on Windows (7) systems → poor interaction between "never remember history" and permanently saving certificate exceptions
Josh, could we not just always allow saving cert exceptions in permanent private browsing mode ("never remember history")?
Flags: needinfo?(josh)
I'm not sure if we have any prior art of supporting persistent data between sessions using "Never remember history". If we do, it might be a reasonable solution. If we don't, this seems like an odd feature to exempt.
Flags: needinfo?(josh)
Well, we do support downloading files when in private browsing/never remember history mode, but a) I think we warn the user about that and/or call it out when entering private browsing and b) that's a relatively well-understood action that the user is deliberately taking (as in, they probably understand that what they're doing will cause something to be saved to the disk), whereas it might not be obvious that saving a certificate error override will keep a record of where they've been (which they specifically told the browser they don't want to happen). There might be a UX solution: have a little mouseover dialog that says "You've configured Firefox to not remember history, so this exception will not be permanently saved." or something.
Status: UNCONFIRMED → NEW
Ever confirmed: true
Whiteboard: [psm-backlog]
Severity: normal → S3