default configuration should include CRLs for included roots

RESOLVED WORKSFORME

Status

()

--
enhancement
RESOLVED WORKSFORME
17 years ago
16 years ago

People

(Reporter: geoffk, Assigned: security-bugs)

Tracking

Trunk
Points:
---

Firefox Tracking Flags

(Not tracked)

Details

(Reporter)

Description

17 years ago
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i586; en-US; rv:1.0.0) Gecko/20020605
BuildID:    2002060511

By default, Mozilla includes and trusts many root certificates for various CAs.
 Many of these CAs provide revocation lists,
in particular Verisign provides a bunch at <http://crl.verisign.com/>.
Mozilla doesn't look at any of these lists by default, and it should
for security reasons.  It would also help test the CRL machinery in Mozilla.

Reproducible: Always
Steps to Reproduce:
1. Navigate through Edit->Preferences->Privacy & Security->Validation
2. Click 'Manage CRLs...

Actual Results:  The window didn't contain any CRLs.

Expected Results:  The window should contain many CRLs.

Comment 1

16 years ago
reporter (Geoff): is this still an issue with recent builds of mozilla? if so,
please comment again. if not, please resolve this bug as WORKSFORME. thanks.

Comment 2

16 years ago
no response from reporter. resolving WFM.

reporter - if this is still an issue with a recent build of mozilla, please
reopen and comment with details. thanks.
Status: UNCONFIRMED → RESOLVED
Last Resolved: 16 years ago
Resolution: --- → WORKSFORME
You need to log in before you can comment on or make changes to this bug.