Closed Bug 1175144 Opened 9 years ago Closed 5 years ago

Keygen option names (grade) too vague

Categories

(Core :: Security, defect)

Product:
Core
Component:
Security
Platform:
x86_64
Linux
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED WORKSFORME

People

(Reporter: michal.bozon, Assigned: jkt)

References

Details

User Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.125 Safari/537.36

Steps to reproduce:

Open web page containing <keygen/> (<keygen keytype="rsa"/>, which is default).


Actual results:

"High Grade" and "Medium Grade" options, without keysize description, are offered.
In the same time, the labels obviously cannot be customized.


Expected results:

The options should me more specific, like in other browsers,
like "2048 (High Grade)". 
I personally would like to see the keysize only - I'm not sure whether 2048 bit modulus can be considered "high grade" these times.

And look at this relic in the very recent (38.0.6) Firefox source code (mozilla-release/security/nss/cmd/certcgi/ca_form.html):
    ...
    <option>1024 (High Grade)
    <option>768 (Medium Grade)
    <option>512 (Low Grade)
OS: Unspecified → Linux
Hardware: Unspecified → x86_64
Version: 38 Branch → unspecified
Component: Untriaged → DOM: Core & HTML
Product: Firefox → Core
Component: DOM: Core & HTML → Security
security/manager/ssl/src/nsKeygenHandler.cpp, right?

Bug 1315460 resolved this by removing support completely to match the web standard and also Chrome.

Assignee: nobody → jkt
Status: UNCONFIRMED → RESOLVED
Closed: 5 years ago
Resolution: --- → WORKSFORME
Depends on: 1315460
You need to log in before you can comment on or make changes to this bug.