281446 - Certificate viewer tool prints bytes/hex instead of Subject Alternative Name (and other fields) strings

Status: RESOLVED DUPLICATE of bug 230655

(Core Graveyard :: Security: UI, defect)

Description

[Ken Johanson]

User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.7.5) Gecko/20041217
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.7.5) Gecko/20041217

Cant view the subject alt name of a cert, in addition to many others certificate
extension fields. Tried Moz suite, Firefox, and Thunderbird. 

(I'm nbot sure, is this decoding supposed to be provided by NSS on the app's
behalf?)

Reproducible: Always

Steps to Reproduce:
1. load a ssl pagge/cert with subject alt names (like https://www.breezeway tv )
2. open cert exam tool, click on details and open Cert-Extensions tree
3. values are hex, not human readable




Additional consideration; if a user is given the choice to accept/import a
homebrew/non-CA cert, they should be able to verify that subject alt names don't
contain innapropriate values, for to prevent anti-spoofing.

One might even argue that as a separate RFE, importing a root cert should
enumerate all subjectAltNames values so that the user can accpt based on the list.

Comment 1

[Gervase Markham [:gerv]]

This is an automated message, with ID "auto-resolve01".

This bug has had no comments for a long time. Statistically, we have found that
bug reports that have not been confirmed by a second user after three months are
highly unlikely to be the source of a fix to the code.

While your input is very important to us, our resources are limited and so we
are asking for your help in focussing our efforts. If you can still reproduce
this problem in the latest version of the product (see below for how to obtain a
copy) or, for feature requests, if it's not present in the latest version and
you still believe we should implement it, please visit the URL of this bug
(given at the top of this mail) and add a comment to that effect, giving more
reproduction information if you have it.

If it is not a problem any longer, you need take no action. If this bug is not
changed in any way in the next two weeks, it will be automatically resolved.
Thank you for your help in this matter.

The latest beta releases can be obtained from:
Firefox:     http://www.mozilla.org/projects/firefox/
Thunderbird: http://www.mozilla.org/products/thunderbird/releases/1.5beta1.html
Seamonkey:   http://www.mozilla.org/projects/seamonkey/

Comment 2

[Ken Johanson]

Problem still persists on DeerPark 1.5 beta.

Comment 3

[Nelson Bolyard (seldom reads bugmail)]

I think (but am not certain) that the patch for bug 259031 addresses this.
If so, this bug should be a duplicate of that earlier one.  
Ken, can you test that patch to see if it addresses this?

Comment 4

[Ken Johanson]

On last night's build (20050927), the values are still hex, not (mortal) human
readable.

Comment 5

[Wan-Teh Chang]

Ken: Nelson meant to ask you to apply the patch for bug 259031
to a Firefox or Mozilla source tree and test your own build.
(That patch hasn't been checked in, which is why the latest
nightly build still prints the values in hex.)

Do you have the setup to do a Firefox or Mozilla build?

Comment 6

[Ken Johanson]

Sorry, I thought he may have meant that, but assumed it would have made it into
the auto build tree. I dont have the source tree right now; I suspect the patch
authors may be more efficient at verifiying it than myself (I presume they've
already tested the patch?).

Comment 7

[Nelson Bolyard (seldom reads bugmail)]

In bug 230655 comment 13, Ken says this bug is a duplicate of that one.
Since he filed both bugs, I believe him.  :)

*** This bug has been marked as a duplicate of 230655 ***