Allow testing of a configured personal S/MIME certificate and seeing the reason when it's unusable
Categories
(MailNews Core :: Security: S/MIME, enhancement)
Tracking
(Not tracked)
People
(Reporter: KaiE, Assigned: KaiE)
References
Details
Attachments
(6 files, 1 obsolete file)
existing UI
Implement the functionality explained in bug 1735832 comment 15.
Allow testing of a configured personal S/MIME certificate and seeing the reason when it's unusable.
|
Assignee | |
Comment 1•8 months ago
|
||
|
|
Assignee | |
Comment 2•8 months ago
|
||
For example, this would help the user from bug 1939637, who reports that their certificates don't work in Thunderbird, and it would help me, because I could point the user to this test, and get the reason for failure easily.
|
|
Assignee | |
Updated•8 months ago
|
|
|
Assignee | |
Comment 3•8 months ago
|
||
I've implemented the current patch on top of bug 1944707.
In theory, if we cannot move forward with 1944707, we could adjust the patch to work without.
|
|
Assignee | |
Comment 4•8 months ago
|
||
|
|
Assignee | |
Comment 5•8 months ago
|
||
|
|
Assignee | |
Comment 6•8 months ago
|
||
Martin, what's your opinion on this UI change?
If you compare the two images, the difference is in the lower right area. Two buttons labeled "Test" are added.
The purpose is to test whether the selected certificate is actually usable.
A certificate that was configured (just now or in the past) might not be usable for a variety of reasons.
After clicking the button, the user would either get a success message, or a failure, with a detailed explanation why the certificate isn't considered valid.
I believe this functionality will allow users to self-diagnose. It will allow me to understand why things don't work for users. Something that is impossible to do remotely in many scenarios.
|
||
Comment 7•8 months ago
|
||
I guess we could also just do validation then loading the page, and have warning text beneath problematic certificates.
|
|
Assignee | |
Comment 8•8 months ago
|
||
(In reply to Magnus Melin [:mkmelin] from comment #7)
I guess we could also just do validation then loading the page, and have warning text beneath problematic certificates.
I'm afraid we cannot use that approach.
If a user has a smartcard, looking up and verifying the certificate can prompt the user to enter their smartcard pin.
I think that shouldn't happen when you simply open the prefs. It should only happen when the user attempts to use a certificate.
As a result, to avoid such prompts, when following your suggestion to automatically verify the selected cert whenever we open the prefs, we'd have to exclude such certificates (and I'm not even sure we could reliable distinguish and exclude them). Even if we excluded them, then user wouldn't get the status information, and would still require a way to manually verify the cert.
Furthermore, the verification of a certificate can take a couple of seconds (because of network OCSP checks).
For that reason, I think it's best to introduce a way to manually trigger a check of the configured cert.
|
|
Assignee | |
Comment 9•8 months ago
|
||
See bug 1481969 for many scenarios in which users tried to use a certificate, but it didn't work.
The feature here should help those users understand the issue.
|
|
Assignee | |
Comment 10•8 months ago
|
||
This message is shown when a test passes.
|
|
Assignee | |
Updated•8 months ago
|
|
|
Assignee | |
Comment 11•8 months ago
|
||
Tomorrow I will attach a screenshot of an example failure message.
|
|
Assignee | |
Comment 12•8 months ago
•
|
||
Explanation for the dialog that would inform the user about a problem with the selected certificate.
I would like to show 2 sentences plus a human readable error code.
The first sentence would say:
The Certificate verification failed with the following error:
It would be followed by a human readable explanation of the encountered error.
We have a long list of possible problems, where each has its own error explanation, and those strings are localized.
They can be found here:
https://searchfox.org/mozilla-central/source/security/manager/locales/en-US/chrome/pipnss/nsserrors.properties
Most likely we'd get one of the errors that start with SEC_ERROR_, for example
"The certificate issuer’s certificate has expired. Check your system date and time."
Because these strings are localized, if a user reports the localized message to us, it would be difficult for us to immediately understand what the error scenario was. But being able to do that is a central motivation for this work.
Because of that, I propose to also include the human readable error code. (This follows what Firefox does when it reports an error with a site's certificate.)
So I'd suggest this style:
The Certificate verification failed with the following error: The certificate issuer’s certificate has expired. Check your system date and time. (Error code: SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE)
|
|
Assignee | |
Comment 13•8 months ago
|
||
|
|
Assignee | |
Comment 14•8 months ago
|
||
|
|
Assignee | |
Comment 15•8 months ago
|
||
|
||
Comment 16•7 months ago
|
||
Your proposed UI solve with the 2 test buttons works, along with displaying a success message relevant to either signing or encryption.
You've also covered error / failure states with clear feedback to the user.
Everything looks good by me.
|
|
Assignee | |
Updated•3 months ago
|
|
|
Assignee | |
Updated•3 months ago
|
|
||
Updated•3 months ago
|
|
|
||
Updated•2 months ago
|
|
|
||
Updated•1 month ago
|
|
|
Assignee | |
Updated•1 month ago
|
|
||
Comment 17•1 month ago
|
||
Pushed by john@thunderbird.net:
https://hg.mozilla.org/comm-central/rev/ebddc1615dae
Allow testing of a configured personal S/MIME certificate and display the reason when it's unusable. r=mkmelin
|
|
||
Updated•1 month ago
|
Description
•