Closed Bug 1255967 Opened 9 years ago Closed 9 years ago

prevent certificate backup

Categories

(Core Graveyard :: Security: UI, defect)

Product:
Core Graveyard
Component:
Security: UI
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED WONTFIX

People

(Reporter: mocarelamocarela, Unassigned)

Details

User Agent: Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36 Steps to reproduce: Imported personal certificate. Actual results: Firefox did not offer a chance to disable export/backup of personal certificate afterwards. Expected results: Firefox should give me the possibility to prevent/disable further export/backup of the certificate. Otherwise users can transfer certificates from one computer to another that is not acceptable in enterprise environments.
Component: Untriaged → Security: UI
Product: Firefox → Core
Unfortunately it's not possible to implement this. Certificates and keys are stored in files in a user's profile. Even if Firefox itself tried to prevent exporting the key/certificate, the user could just copy their profile to another computer and achieve the same effect. If your environment requires more restrictions on keys/certificates, you might consider using hardware tokens (then again, I suppose a user could always remove the token and use it in another computer).
Status: UNCONFIRMED → RESOLVED
Closed: 9 years ago
Resolution: --- → WONTFIX
Product: Core → Core Graveyard
You need to log in before you can comment on or make changes to this bug.