Closed Bug 1256321 Opened 6 years ago Closed 4 years ago

Bugzilla secure email should check certificate/key expiration and revocation

Categories

(bugzilla.mozilla.org :: Extensions, enhancement)

Production
enhancement
Not set
normal

Tracking

()

RESOLVED FIXED

People

(Reporter: bc, Unassigned)

References

Details

Bugzilla secure email should check if an S/MIME cert has expired or has been revoked or if the GPG/PGP key have been revoked and refuse to send encrypted emails.
We could check if an S/MIME cert had expired. But checking revocation would mean an extra outgoing HTTP request per email sent, which I strongly suspect will be unacceptable to the BMO admins, and AIUI there is no central repository of revocation information for GPG/PGP, so there's nowhere to check.

Gerv
Status: NEW → RESOLVED
Closed: 4 years ago
Depends on: 1413328
Resolution: --- → FIXED
The GnuPG part of this has been fixed; S/MIME expiration is still not considered.
Component: Extensions: SecureMail → Extensions
You need to log in before you can comment on or make changes to this bug.