Closed Bug 122967 Opened 23 years ago Closed 22 years ago

Editing trust of another person's cert must set correct trust

Categories

(MailNews Core :: Security: S/MIME, defect, P1)

Product:
MailNews Core
Component:
Security: S/MIME
Version:
1.0 Branch
Type:
defect

Tracking

(Not tracked)

Status:
VERIFIED FIXED
Milestone:
psm2.2

People

(Reporter: KaiE, Assigned: KaiE)

References

Details

Attachments

(1 obsolete file) 

Make sure you have a cert in certificate manager other's tab, that is not trusted.
Use the edit button and explicitly trust that cert.
After you do that, signed emails from that person are still untrusted.
Expected behaviour: Signed email should be trusted after that action.

I think the reason is that manual edit adds the wrong trust bits. If you view
the details of that cert, it says "cert has been verified for usage as SSL
Server", which is not what we want.
-> me
Assignee: ssaux → kaie
Not to say that there isn't a bug here, but ssl server is displayed as a
combination of the keyusage and the extended key usage, both of which are set in
the cert (not editable).
Newer certs from the intranet CA were tweaked to issue the correct extenstion in
extended key usage so that the cert manager would not display ssl server (It did
before)
Priority: -- → P1
Target Milestone: --- → 2.2
S/MIME bugs are automatically nsbeta1 candidates. (this is a bulk update - there
may be some adjustment of the list).
Keywords: nsbeta1
Keywords: nsbeta1+
Keywords: nsbeta1, nsbeta1+nsbeta1-
I would like to make this nsbeta1+, because I think the fix will be very simple.

At least, we should remove the edit button from the other's tab.
Keywords: nsbeta1-nsbeta1+
Attached patch Suggested temporary fix (obsolete) — Splinter Review 
This patch removes the edit trust button from the email certs tab.
Javi, can you please review?

As long as editing trust of email addresses is not implemented correctly, we
should not display the edit button. This patch removes the edit button for now.


r=javi
Alec, can you please review the deactivation of a button in XUL (until we
implement it correctly some time in the future).

Comment on attachment 75967 [details] [diff] [review]
Suggested temporary fix

sr=alecf
Attachment #75967 - Flags: superreview+
Comment on attachment 75967 [details] [diff] [review]
Suggested temporary fix

a=roc+moz
Attachment #75967 - Flags: review+
Attachment #75967 - Flags: approval+
Temporary patch checked in.
Removing nsbeta1+.

Bug stays open until the feature gets implemented.
Keywords: nsbeta1+
adding nsbeta1-
as a reminder.
Keywords: nsbeta1-
cc cotter

*** Bug 130481 has been marked as a duplicate of this bug. ***
can you please obsolete the checked in patch so it doesn't show up on queries
for approved and open patches? Thanks.
Comment on attachment 75967 [details] [diff] [review]
Suggested temporary fix

marking as obsolete, because it has been checked in.
Attachment #75967 - Attachment is obsolete: true
QA Contact: alam → carosendahl
I'm closing this one, because somebody filed a bug on the inability to edit the
trust of other's people, let's use the new bug 144435.

Fixed, because editing trust is no longer possible.
Status: NEW → RESOLVED
Closed: 22 years ago
Resolution: --- → FIXED
Verified - until functionality is correct, current specs disallow editing trust
bits on OP certs.
Status: RESOLVED → VERIFIED
Product: PSM → Core
Version: psm1.01 → 1.0 Branch
Product: Core → MailNews Core
QA Contact: carosendahl → s.mime
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: