Closed Bug 176507 Opened 18 years ago Closed 15 years ago
Certificates added without warning or confirmation
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.2b) Gecko/20021016 Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.2b) Gecko/20021016 After requesting a THAWTE personal E-mail certificate, they E-mail you with a URL where you can "pick up" and install your certificate. Clicking on this URL opens a new browser window and installs the certificate with absolutely no confirmation, warning, or other indication about the success/failure of the operation. While the security risk is probably not substantial (i.e. you probably can't install an arbitrary certificate because your private key won't match), it should at least be looked into to reassure the user that their certificate installation has either succeeded or failed. Reproducible: Always Steps to Reproduce: 1. Request digital certificate from CA such as www.thawte.com 2. Click on URL E-mailed to you by the CA Actual Results: Certificate is installed successfully, but no indication of this is shown. Expected Results: Either a warning dialog should open (i.e. "Do you want to install the certificate xxxxx?") or at least a confirmation in the status bar should be displayed (i.e. "Certificate xxxx installed.").
Assignee: mstoltz → ssaux
Component: Security: General → Client Library
Product: Browser → PSM
QA Contact: bsharma → junruh
Version: Trunk → 2.4
Confirming. A personal cert is added to your cert DB with no dialogs appearing.
Severity: normal → enhancement
Status: UNCONFIRMED → NEW
Ever confirmed: true
OS: Windows 2000 → All
Priority: -- → P5
Hardware: PC → All
The question is: "Is it a back that no feedback is given" (like you are suggesting) or "It would be a feature if we gave the user an additional feedback". On one hand side, I think it would be a good idea to do what this bug suggests, and always give at least some small feedback to the user. On the other hand side, in past discussions it has been argued, that issueing certificate authorities want to customize the feedback they give when delivering a certificate to a user. Some CAs are doing that by using a delivery page that is a multipart type page, which delivers HTML content for display at the same time the certificate content type is delivered (and imported by the security engine).
Oops, in the previous comment I wrote "Is it a back...", but of course I meant "Is it a bug...".
Mass reassign ssaux bugs to nobody
Assignee: ssaux → nobody
Mass change "Future" target milestone to "--" on bugs that now are assigned to nobody. Those targets reflected the prioritization of past PSM management. Many of these should be marked invalid or wontfix, I think.
Target Milestone: Future → ---
I agree. I did this myself and I thought it didn't load right or something when getting my Thawte Cert. There should be at least some sort of dialog box that pops up. Voted. My $0.02.
Are we going to add this popup/dialog for 2.0?
Feedback would be good, but I'm not sure that a dialog is necessary. Bumping nomination to core, reassigning to defaults.
Assignee: nobody → kengert
Flags: blocking-aviary2? → blocking1.8.1?
QA Contact: junruh
Need some kind of feedback in 1.8.1, if not indeed actual user permission (!). Blocker+
Flags: blocking1.8.1? → blocking1.8.1+
*** Bug 308857 has been marked as a duplicate of this bug. ***
Bug 310446 has a patch that will supply user feedback for various cert import actions.
Depends on: 310446
Please see bug 308857 for more background on this bug. Kai, I suggest you take this up with Bob Lord and perhaps Steve Parkins. Bob was the manager of PSM at the time when PSM was changed to work as it does now, and I believe it was he who specified the way it now works. Further, IIRC, the first CA product to make use of the new technique for providing feedback in web page content itself, rather than in browser dialogs was CMS. So I think you're rather directly connected to the people to whom it matters most (or to whom it once mattered most) how mozilla notifies the users.
We need to make sure we think through the request in the context of the apps that we have today. Back when this bug was filed, we had a single client for browsing and email. That meant to retrieve your certificate from the CA, you could use your browser to search for it, and then click on a link to import it. Or the CA would send you an email with a browser link. You'd click on the email link, the browser would open and import the certificate. In both cases, the mail client would be able to use the cert because it was in the same process as the browser. Today we have different apps, with separate databases. We're working to re-unify the databases, but that won't happen until the end of 2006 at the soonest. This issue may or not be directly related to the bug 338615 which I just filed.
Discussed with Bob Lord and Steve Parkinson. They agree it is ok to reintroduce the confirmation dialog. Let's see of I can get in additional feedback messages for cert-import-attemps being ignored, bug 310446. Because this has been marked by Shaver as a blocker for 1.8.1, but we are too late for new IDL, our feedback messages will have to be done in a non-embedding-overridable-fashion, at least in the initial implementation. This will get fixed first, therefore changing depends on bug 310446 to blocks bug 310446.
Fixed on trunk using patch attached in bug 310446.
Status: NEW → RESOLVED
Closed: 15 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.