Closed
Bug 133519
Opened 22 years ago
Closed 22 years ago
Page Info - Security should display RSA key length in addition to RC4 key lenght, possibly fingerprints too
Categories
(Core Graveyard :: Security: UI, enhancement)
Tracking
(Not tracked)
People
(Reporter: mikko.rantalainen, Assigned: ssaux)
References
()
Details
From Bugzilla Helper: User-Agent: Mozilla/5.0 (Windows; U; Win98; en-US; rv:0.9.9+) Gecko/20020320 BuildID: 2002032003 Selecting View - Page Info - Security [tab] displays only "Connection Encrypted: High-grade Encryption (RC4 128bit)". In addition to this there should read "RSA 1024bit" and encryption grade should be decided according to both RSA and RC4 key lenghts. Also make sure that bits are counted correctly; for example Opera 6 displays "512 bit RSA" for that page. According to http://www.rsasecurity.com/rsalabs/faq/4-1-2-1.html if RSA key is only 512 bit then it doesn't matter if RC4 has 128 bit because total security is on a par with 56 bit RC4 anyway. Deciding that page has high-grade encryption according to RC4 key only is bogus IMO. Reproducible: Always Steps to Reproduce: 1. go to https://www.verisign.com/ 2. Press CTRL-I to open Page Info and select Security Actual Results: "Connection Encrypted: High-grade Encryption (RC4 128bit)" is displayed. Expected Results: "Connection Encrypted: High-grade Encryption (RC4 128bit, RSA 1024bit)" is displayed. Perhaps MD5 and SHA1 fingerprints in addition - currently one needs to open yet another window for those.
Comment 1•22 years ago
|
||
->PSM
Assignee: db48x → ssaux
Component: Page Info → Client Library
Product: Browser → PSM
QA Contact: pmac → junruh
Hardware: PC → All
Version: other → 1.01
Updated•22 years ago
|
Status: UNCONFIRMED → RESOLVED
Closed: 22 years ago
Resolution: --- → DUPLICATE
Updated•8 years ago
|
Product: Core → Core Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•