Closed
Bug 169143
Opened 22 years ago
Closed 22 years ago
Mozilla auto-selects wrong certificate
Categories
(Core Graveyard :: Security: UI, enhancement, P3)
Tracking
(Not tracked)
VERIFIED
WORKSFORME
People
(Reporter: kidahl, Assigned: ssaux)
Details
My Wife an I both have downloaded privte certificates for the same internet
bank. When accessing the bank and it requests a certificate, Mozilla provides
(a random?) one without checking if there are others that also could be used.
The alternative is to have Mozilla ask every time for the certificate, which is
close to 5 times per page/frameset, and is therefore unusable due to the way my
bank uses certificates.
Proposed solution: Add a preferences setting that is "ask once for each
session", where mozilla asks me to choose my certificate, and then uses that
cartificate throughout the session. This is seemingly what Netscape 4.72 and MS
explorer does.
Reporter | ||
Comment 2•22 years ago
|
||
I have experienced this in all builds I have tried from 0.9 up to and including 1.1
(Mozilla/5.0 (Macintosh; U; PPC Mac OS X; en-US; rv:1.1) Gecko/20020826)
Karl, can you also reproduce this using a more recent build such as 1.2a or a
current nightly?
Reporter | ||
Comment 4•22 years ago
|
||
I have now confirmed this on 1.2a as well (2002091014).
When Netscape 4.72 has set "Ask every time", it asks for the certificate once for the entire
session. When mozilla has set "Ask every time", it asks for the certificate, well, every time.
When mozilla has set "Select automatically" it simply picks one certificate, although there
are installed two valid different certificates for this site (www.skandiabanken.no). This is
the same functionality that Netscape 4.72 has.
Comment 5•22 years ago
|
||
->PSM
Assignee: mstoltz → ssaux
Component: Security: General → Client Library
Product: Browser → PSM
QA Contact: bsharma → junruh
Version: Trunk → 2.4
Comment 6•22 years ago
|
||
When the preference is set to select certs automatically, it should select the
most recently isssued cert. If you have more than one cert that works with your
bank, you should set the pref to Always Ask.
Reporter, can you check on this pref? Edit>Prefs>Privacy>Master Password. I
suggest setting the Master Password pref to "The first time it is needed", or
"If it has not been used for 30 minutes.
You also might find it a good idea to use two separate profiles, one for you and
your wife. Then you could set the pref to select the cert automaticaly, because
you would have only one bank cert per profile.
Status: UNCONFIRMED → RESOLVED
Closed: 22 years ago
OS: MacOS X → All
Priority: -- → P3
Hardware: Macintosh → All
Resolution: --- → WORKSFORME
Updated•8 years ago
|
Product: Core → Core Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•