Open Bug 1415312 Opened 7 years ago Updated 2 years ago

Make CT SCTs available to the certificate error page.

Categories

(Core :: Security: PSM, enhancement, P2)

enhancement

Tracking

()

Future
Tracking Status
firefox58 --- affected

People

(Reporter: jcj, Unassigned)

References

(Blocks 1 open bug)

Details

In order to give the error analysis code the same context as Mozilla::PKIX, we need to also provide the Certificate Transparency SCT that was used when determining the error. One place to put that response might be nsISSLStatus, where the certificate chain is stored.

[1] http://searchfox.org/mozilla-central/source/security/manager/ssl/nsISSLStatus.idl

FYI, this may or may not be more work than cutting Firefox over to using something like Certainly Something:

https://github.com/april/certainly-something

Which parses certs in JavaScript to display the SCTs.

Severity: normal → S3
You need to log in before you can comment on or make changes to this bug.