Closed Bug 1686779 Opened 5 years ago Closed 5 years ago

remove isSelfSigned from nsIX509Cert

Categories

(Core :: Security: PSM, enhancement, P1)

Product:
Core
Component:
Security: PSM
Type:
enhancement

Tracking

()

Status:
RESOLVED FIXED
Milestone:
86 Branch
Tracking Flags:
Tracking Status
firefox86 --- fixed

People

(Reporter: keeler, Assigned: keeler)

References

(Blocks 1 open bug)

Details

(Whiteboard: [psm-assigned])

Attachments

(1 file)

Bug 1686779 - remove isSelfSigned from nsIX509Cert r?rmf
48 bytes, text/x-phabricator-request
Details | Review

nsIX509Cert.isSelfSigned is only used by LocalCertService to verify that the certificate it is using is self-signed. This shouldn't be necessary, because the certificate isn't a trust anchor and an override has to be added for it anyway. Additionally, the certificate in question is already guaranteed to be self-signed because it was either just generated that way or it was retrieved from the database (the code for which checks that it's self-signed).

Before this patch, nsIX509Cert.isSelfSigned was only used by LocalCertService
to verify that the certificate it uses is self-signed. This shouldn't have been
necessary, because the certificate isn't a trust anchor and an override has to
be added for it anyway. Additionally, the certificate in question is already
guaranteed to be self-signed because it was either just generated that way or
it was retrieved from the database (the code for which checks that it's
self-signed).

Pushed by dkeeler@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/413bf149bca3 remove isSelfSigned from nsIX509Cert r=rmf

https://hg.mozilla.org/mozilla-central/rev/413bf149bca3

Status: NEW → RESOLVED
Closed: 5 years ago
status-firefox86: --- → fixed
Resolution: --- → FIXED
Target Milestone: --- → 86 Branch
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: