Closed Bug 161811 Opened 23 years ago Closed 23 years ago

default configuration should include CRLs for included roots

Categories

(Core :: Security, enhancement)

Product:
Core
Component:
Security
Type:
enhancement
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED WORKSFORME

People

(Reporter: geoffk, Assigned: security-bugs)

Details

From Bugzilla Helper: User-Agent: Mozilla/5.0 (X11; U; Linux i586; en-US; rv:1.0.0) Gecko/20020605 BuildID: 2002060511 By default, Mozilla includes and trusts many root certificates for various CAs. Many of these CAs provide revocation lists, in particular Verisign provides a bunch at <http://crl.verisign.com/>. Mozilla doesn't look at any of these lists by default, and it should for security reasons. It would also help test the CRL machinery in Mozilla. Reproducible: Always Steps to Reproduce: 1. Navigate through Edit->Preferences->Privacy & Security->Validation 2. Click 'Manage CRLs... Actual Results: The window didn't contain any CRLs. Expected Results: The window should contain many CRLs.
reporter (Geoff): is this still an issue with recent builds of mozilla? if so, please comment again. if not, please resolve this bug as WORKSFORME. thanks.
no response from reporter. resolving WFM. reporter - if this is still an issue with a recent build of mozilla, please reopen and comment with details. thanks.
Status: UNCONFIRMED → RESOLVED
Closed: 23 years ago
Resolution: --- → WORKSFORME
You need to log in before you can comment on or make changes to this bug.