Closed Bug 1214983 Opened 10 years ago Closed 10 years ago

support Inhibit anyPolicy

Categories

(Firefox :: Security, defect)

Product:
Firefox
Component:
Security
Version:
44 Branch
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED DUPLICATE of bug 989051

People

(Reporter: ryan_hurst, Unassigned)

Details

User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.101 Safari/537.36 Steps to reproduce: Visit a website over TLS with a certificate issued by a issuing CA that was issued with the inhibit anyPolicy extension included and marked critical Actual results: See Firefox be unhappy. Expected results: Firefox should natively understand Inhibit anyPolicy as it is required by RFC 5280. Once understood it can no longer fail because the extension is present and marked critical.
@Ryan, do you have sample url to reproduce the issue ?
Flags: needinfo?(ryan_hurst)
I do not, this was brought up when we were doing Let's Encrypt work, we changed the profile to work around it. The code is clear though, its not supported.
Flags: needinfo?(ryan_hurst)
Component: Untriaged → Security
Thanks, Ryan. We do have a bug on this already, though.
Status: UNCONFIRMED → RESOLVED
Closed: 10 years ago
Resolution: --- → DUPLICATE
You need to log in before you can comment on or make changes to this bug.