Open
Bug 1431850
Opened 6 years ago
Updated 2 years ago
simplify how nsCertTree chooses which certificates to display
Categories
(Core :: Security: PSM, enhancement, P2)
Core
Security: PSM
Tracking
()
NEW
People
(Reporter: keeler, Unassigned)
References
Details
(Whiteboard: [psm-blocked])
The way nsCertTree (the C++ backend for the certificate manager) chooses which certificates to add to its display is a bit more complicated than it needs to be. For one, nsCertTree::GetCertsByTypeFromCertList has a very tight coupling with nsCertOverrideService (to the point of casting the generic nsICertOverrideService to the concrete nsCertOverrideService). We should re-work this and be a bit more clear about what certificates are shown where. I'm thinking: "Your Certificates": if there's a private key corresponding to a certificate, show it here "People": if a certificate has an email address in its subject or san, show it here "Servers": show all current certificate error overrides here "Authorities": basically, if CERT_IsCACert returns true, show it here (The "Others" tab will be removed in bug 1431791.) Note that it may be possible for a single certificate to be shown in multiple tabs. This a) already happens (e.g. if a user imports a CA and also happens to have the private key for that CA) and b) is preferable to an overabundance of complicated code that attempts to prevent this.
Updated•2 years ago
|
Severity: normal → S3
You need to log in
before you can comment on or make changes to this bug.
Description
•