Closed Bug 157224 Opened 23 years ago Closed 22 years ago

RFE: allow override of invalid signature on SSL server certs

Categories

(Core Graveyard :: Security: UI, enhancement, P3)

1.0 Branch
enhancement

Tracking

(Not tracked)

RESOLVED INVALID
Future

People

(Reporter: nelson, Assigned: ssaux)

Details

This issue is with all versions of PSM in N6, N7 and Moz 1.0. When SSL is verifying the cert chain of an SSL server cert, it may find many problems with certs in the chain, such as a cert from an unknown issuer, a cert from a known but untrusted issuer, or a cert with an invalid signature. In the cases of unknown or untrusted issuers, PSM allows the user to choose to trust the cert and continue with the operation. In the case where the signature is invalid, PSM does not give the user this choice. This is inconsistent.
We also let the user accept expired certificates. So, the case of the invalid signature seems to be the exception to the general rule that PSM ordinarily allows users to accept/trust certs.
Priority: -- → P3
Version: unspecified → 2.3
We need a consensus within the security team. Because any change would involve some UI, this won't happen soon. cc thayes.
Target Milestone: --- → Future
The resolution to this bug may not require the addition of any new dialogs. It may suffice to simply use an existing dialog in a place where it is not now being used.
The case of an invalid signature is fundamentally different than the other cases which currently allow the user to accept/trust certs. It is akin to the case of a bad MAC on a SSL frame. It is a protocol failure, not a lack of trust, so asking the user about trust is not appropriate. Suggest closing INVALID.
I agree.
Severity: normal → enhancement
Status: NEW → RESOLVED
Closed: 22 years ago
Resolution: --- → INVALID
Summary: PSM inconsistent about letting users trust SSL server certs → RFE: allow override of invalid signature on SSL server certs
Product: PSM → Core
Version: psm2.3 → 1.0 Branch
Product: Core → Core Graveyard
You need to log in before you can comment on or make changes to this bug.