Make CT SCTs available to the certificate error page.

NEW
Unassigned

Status

()

P2
enhancement
a year ago
a month ago

People

(Reporter: jcj, Unassigned)

Tracking

(Blocks: 1 bug)

Trunk
Future
Points:
---
Dependency tree / graph

Firefox Tracking Flags

(firefox58 affected)

Details

(Reporter)

Description

a year ago
In order to give the error analysis code the same context as Mozilla::PKIX, we need to also provide the Certificate Transparency SCT that was used when determining the error. One place to put that response might be nsISSLStatus, where the certificate chain is stored.

[1] http://searchfox.org/mozilla-central/source/security/manager/ssl/nsISSLStatus.idl

FYI, this may or may not be more work than cutting Firefox over to using something like Certainly Something:

https://github.com/april/certainly-something

Which parses certs in JavaScript to display the SCTs.

You need to log in before you can comment on or make changes to this bug.