display and record certificate key length and algorithm when communicating via SSL

NEW
Unassigned

Status

Thunderbird
Mail Window Front End
--
enhancement
14 years ago
7 years ago

People

(Reporter: Ralf Hauser, Unassigned)

Tracking

Firefox Tracking Flags

(Not tracked)

Details

(Reporter)

Description

14 years ago
User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.5b) Gecko/20030907
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.5b) Gecko/20030907

When sending or receiving a mail via SSL, I want to be able to know with what
certificate this happens:
- at least in the sent folder, it should be possible to open that certificate
and see who issued it, what algorithm it uses (RSA vs DSA), what key size,
expiration, etc.

Reproducible: Always

Steps to Reproduce:
1.
2.
3.

Actual Results:  
even more comfortable would be if a user can see configure the mail program such
that it displays the certificate algortithms and key lengths, issuer,
expiration, etc. before any sensitive information leaves my client

Expected Results:  
the "gap-less security trail" RFE same applies also to the inbox

Bug 227096 is the analogous RFE to give accountability on the corresponding past
SSL session encryption security
(Reporter)

Comment 1

14 years ago
for completion of the log, it would also be necessary to record the IP address
of the smpt server used then (if no Cert is recorded, also the fully qualified
host name would be useful)

Comment 2

14 years ago
ref mail/news bug 214605
(Reporter)

Comment 3

13 years ago
see also the corresponding RFE at gnu's JavaMail
https://savannah.gnu.org/support/index.php?func=detailitem&item_id=103418
(Reporter)

Comment 4

12 years ago
Now that 1024 bit RSA keys are under attack
(http://lists.virus.org/cryptography-0509/msg00080.html), it it becoming
increasingly important to 
1) be able to go beyond 1024 bit length keys
2) Display what lenght a currently used key has...
QA Contact: front-end

Updated

9 years ago
Assignee: mscott → nobody
You need to log in before you can comment on or make changes to this bug.