Closed
Bug 1449060
Opened 7 years ago
Closed 7 years ago
remove some OIDs/processing from the certificate viewer that don't affect certificate verification
Categories
(Core :: Security: PSM, enhancement, P1)
Core
Security: PSM
Tracking
()
RESOLVED
FIXED
mozilla61
Tracking | Status | |
---|---|---|
firefox61 | --- | fixed |
People
(Reporter: keeler, Assigned: keeler)
Details
(Whiteboard: [psm-assigned])
Attachments
(1 file)
We have some dynamically-added OIDs in the certificate viewer code that don't serve any useful purpose. They correspond to some extensions that have no effect on certificate verification (unless they're marked critical, in which case the certificate would be rejected like any other unknown extension). We should just remove them and simplify this code.
Comment hidden (mozreview-request) |
Assignee | ||
Updated•7 years ago
|
Assignee: nobody → dkeeler
Comment 2•7 years ago
|
||
mozreview-review |
Comment on attachment 8962552 [details]
bug 1449060 - remove some dynamic OIDs from the certificate viewer that don't serve any purpose
https://reviewboard.mozilla.org/r/231354/#review236960
+1 for removing code
::: security/manager/ssl/nsNSSCertHelper.cpp
(Diff revision 1)
> #include "prerror.h"
> #include "secder.h"
>
> using namespace mozilla;
>
> -/* Object Identifier constants */
Looking at the bug that added these the code is here so we can display the extensions. I presume we won't be able to display them after this change? But the extensions don't look widespread so that this shouldn't be an issue.
Attachment #8962552 -
Flags: review?(franziskuskiefer) → review+
Assignee | ||
Comment 3•7 years ago
|
||
mozreview-review-reply |
Comment on attachment 8962552 [details]
bug 1449060 - remove some dynamic OIDs from the certificate viewer that don't serve any purpose
https://reviewboard.mozilla.org/r/231354/#review236960
> Looking at the bug that added these the code is here so we can display the extensions. I presume we won't be able to display them after this change? But the extensions don't look widespread so that this shouldn't be an issue.
More or less. We won't be able to display them in the specially-formatted way they are now - it'll just be a hexdump, basically. Since they don't affect verification, I don't see a point in supporting them in the certificate viewer.
Assignee | ||
Comment 4•7 years ago
|
||
Thanks for the review!
Try looks good: https://treeherder.mozilla.org/#/jobs?repo=try&revision=deb11cee8b845e0bfb84be22501773d4e30a16cf
Pushed by dkeeler@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/5a39db181e6a
remove some dynamic OIDs from the certificate viewer that don't serve any purpose r=fkiefer
Comment 6•7 years ago
|
||
bugherder |
Status: NEW → RESOLVED
Closed: 7 years ago
status-firefox61:
--- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla61
You need to log in
before you can comment on or make changes to this bug.
Description
•