Open Bug 1267861 Opened 4 years ago Updated 2 years ago

investigate deleting certificates immediately rather than upon destruction

Categories

(Core :: Security: PSM, defect, P3)

defect

Tracking

()

Tracking Status
firefox49 --- affected

People

(Reporter: keeler, Unassigned)

References

Details

(Whiteboard: [psm-backlog])

Currently if an nsIX509Cert is deleted via markForPermDeletion(), it doesn't actually get deleted until the backing nsNSSCertificate has its destructor called. I think this is what's causing behavior like in bug 454782. It may be possible to delete the certificate immediately when markForPermDeletion is called. However, I'm concerned that this could cause trouble if there are other references to the same certificate (although from preliminary tests, this doesn't seem to be the case). Anyway, this should be investigated.
Duplicate of this bug: 237635
Duplicate of this bug: 435159
Priority: -- → P3
You need to log in before you can comment on or make changes to this bug.