remove some OIDs/processing from the certificate viewer that don't affect certificate verification

RESOLVED FIXED in Firefox 61

Status

()

enhancement
P1
normal
RESOLVED FIXED
a year ago
a year ago

People

(Reporter: keeler, Assigned: keeler)

Tracking

unspecified
mozilla61
Points:
---

Firefox Tracking Flags

(firefox61 fixed)

Details

(Whiteboard: [psm-assigned])

Attachments

(1 attachment)

We have some dynamically-added OIDs in the certificate viewer code that don't serve any useful purpose. They correspond to some extensions that have no effect on certificate verification (unless they're marked critical, in which case the certificate would be rejected like any other unknown extension). We should just remove them and simplify this code.
Assignee: nobody → dkeeler
Comment on attachment 8962552 [details]
bug 1449060 - remove some dynamic OIDs from the certificate viewer that don't serve any purpose

https://reviewboard.mozilla.org/r/231354/#review236960

+1 for removing code

::: security/manager/ssl/nsNSSCertHelper.cpp
(Diff revision 1)
>  #include "prerror.h"
>  #include "secder.h"
>  
>  using namespace mozilla;
>  
> -/* Object Identifier constants */

Looking at the bug that added these the code is here so we can display the extensions. I presume we won't be able to display them after this change? But the extensions don't look widespread so that this shouldn't be an issue.
Attachment #8962552 - Flags: review?(franziskuskiefer) → review+
Assignee

Comment 3

a year ago
mozreview-review-reply
Comment on attachment 8962552 [details]
bug 1449060 - remove some dynamic OIDs from the certificate viewer that don't serve any purpose

https://reviewboard.mozilla.org/r/231354/#review236960

> Looking at the bug that added these the code is here so we can display the extensions. I presume we won't be able to display them after this change? But the extensions don't look widespread so that this shouldn't be an issue.

More or less. We won't be able to display them in the specially-formatted way they are now - it'll just be a hexdump, basically. Since they don't affect verification, I don't see a point in supporting them in the certificate viewer.

Comment 5

a year ago
Pushed by dkeeler@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/5a39db181e6a
remove some dynamic OIDs from the certificate viewer that don't serve any purpose r=fkiefer

Comment 6

a year ago
bugherder
https://hg.mozilla.org/mozilla-central/rev/5a39db181e6a
Status: NEW → RESOLVED
Last Resolved: a year ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla61
You need to log in before you can comment on or make changes to this bug.