Importing cert by p12 file w/ unknown CA should prompt the user to add trust

RESOLVED WONTFIX

Status

P1
normal
RESOLVED WONTFIX
17 years ago
2 years ago

People

(Reporter: kaie, Unassigned)

Tracking

Other Branch
Future

Firefox Tracking Flags

(Not tracked)

Details

(Whiteboard: [kerh-eha][psm-cert-manager])

(Reporter)

Description

17 years ago
Having not set trust on self's cert leads to confusing behaviour of the application.

A user might create a new profile and restore the cert from a p12 backup file.

Suppose the p12 file was signed by a CA that was previously unknown or untrusted.


Actual behaviour: The cert will be imported, but not trusted.

Expected beahviour: The application should detect that a personal cert from an
untrusted CA is being imported. It should bring this fact to the user's
attention. It should prompt the user and tell him something like:

  Your own cert is not trusted.
  You need to trust the issuing CA before you can use your cert successfully.
  Do you want to edit the trust now?

Comment 1

17 years ago
I totally agree that this is the correct behavior, but it will probably have to
wait until after RTM.
WE have code somewher that does exactly that, but porting it to MOz would
require ui changes that are not acceptable.
Priority: -- → P1
Target Milestone: --- → Future

Comment 2

17 years ago
kai
Assignee: ssaux → kaie

Updated

14 years ago
Component: Security: UI → Security: UI
Product: PSM → Core
(Reporter)

Comment 3

13 years ago
*** Bug 140153 has been marked as a duplicate of this bug. ***
(Reporter)

Updated

13 years ago
Whiteboard: [kerh-eha]
(Reporter)

Comment 4

13 years ago
*** Bug 140184 has been marked as a duplicate of this bug. ***
QA Contact: junruh → ui
(Reporter)

Updated

8 years ago
Assignee: kaie → nobody
Whiteboard: [kerh-eha] → [kerh-eha][psm-cert-manager]
I disagree. There's no need to ever trust the CA because it doesn't make sense for the platform to verify a user's client or email signing certificate. Ultimately the platform doesn't care if the certificate is valid - the server the user is authenticating to or the recipient of the email is the one who cares. We should just fix this by removing all instances where the platform tries to validate these certificates (that said, the platform could do some basic checks like "is this certificate expired?" and inform the user that a 3rd party is unlikely to accept the certificate as valid in those cases).
Status: NEW → RESOLVED
Last Resolved: 2 years ago
Resolution: --- → WONTFIX
(Assignee)

Updated

2 years ago
Product: Core → Core Graveyard
You need to log in before you can comment on or make changes to this bug.