Closed Bug 1256321 Opened 10 years ago Closed 7 years ago

Bugzilla secure email should check certificate/key expiration and revocation

Tracking

()

Status:

RESOLVED FIXED

People

(Reporter: bc, Unassigned)

References

Details

Bob Clary [:bc] (inactive)

Reporter

Description

•

10 years ago

Bugzilla secure email should check if an S/MIME cert has expired or has been revoked or if the GPG/PGP key have been revoked and refuse to send encrypted emails.

Gervase Markham [:gerv]

Comment 1

•

10 years ago

We could check if an S/MIME cert had expired. But checking revocation would mean an extra outgoing HTTP request per email sent, which I strongly suspect will be unacceptable to the BMO admins, and AIUI there is no central repository of revocation information for GPG/PGP, so there's nowhere to check. Gerv

Dylan Hardison [:dylan] (he/him)

Updated

•

7 years ago

Status: NEW → RESOLVED

Closed: 7 years ago

Depends on: 1413328

Resolution: --- → FIXED

Dylan Hardison [:dylan] (he/him)

Comment 2

•

7 years ago

The GnuPG part of this has been fixed; S/MIME expiration is still not considered.

Firefox Bug Husbandry Bot

Updated

•

6 years ago

Component: Extensions: SecureMail → Extensions

You need to log in before you can comment on or make changes to this bug.

Bugzilla

Bugzilla secure email should check certificate/key expiration and revocation

Categories

(bugzilla.mozilla.org :: Extensions, enhancement)

Tracking

()

People

(Reporter: bc, Unassigned)

References

Details

Crash Data

Security

(public)

User Story

Description

Comment 1

Updated

Comment 2

Updated