Show users that a Delegated Credential is in-use
Categories
(Core :: Security: PSM, enhancement, P3)
Tracking
()
People
(Reporter: jcj, Unassigned)
References
(Blocks 1 open bug)
Details
(Whiteboard: [psm-backlog])
Firefox should somehow show when Gecko/NSS is using a delegated credential to verify the certificate chain. Potentially, this should just be appended to the chain shown in the Certificate Chain Viewer, but particular care should be made to whether to show the End Entity of the Delegated Credential in general, particularly upon error.
|
||
Comment 1•5 years ago
|
||
This is not a critical thing, but might be offered for informational purposes, for instance, under "Technical Details". That is probably limited to saying that a delegated credential is in use, and maybe signaling what signature scheme was used for the delegated credential. (We don't report signature scheme in the control center, but we do in devtools, that seems like the right place for this extended information.)
Failure of delegated credentials manifests in much the same way as a bad signature in the TLS handshake.
|
||
Updated•2 years ago
|
|
|
||
Updated•2 years ago
|
Description
•