Closed Bug 291491 Opened 20 years ago Closed 19 years ago

No indication of http-ssl-session (establish, established and leave) in browser.

Categories

(SeaMonkey :: Security, defect)

Product:
SeaMonkey
Component:
Security
Version:
1.4 Branch
Platform:
x86
Windows 2000
Type:
defect
Priority:
Not set
Severity:
major

Tracking

(Not tracked)

Status:
RESOLVED EXPIRED

People

(Reporter: bugzilla-hw, Assigned: caillon)

References

(
URL
)

Details

User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 5.0; de-AT; rv:1.4.3) Gecko/20040804
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.0; de-AT; rv:1.4.4) Gecko/20050311

Setting: All SSL-Warning options are activated.

Connecting to SSL-HTTP Sites (https) will not warn the user before entering the
site and does not inform the user about the status of a established ssl-session.
Visual indicator for security (right corner lock symbol in taskbar) will be
displayed "open" and not "closed yellow" at any established connection. If user
double click this, there will get an confused information, that website idendity
cannot be verified. It is possible, the problem is indepedent of any OS (but i`m
not sure).

Reproducible: Always

Steps to Reproduce:
Enter a https-website to reproduce ...
Actual Results:  
User is confused about her session-security.
Release 1.4.4 are affected by this bug.
That's the bug i was talking about in irc.
Version: unspecified → 1.4 Branch
Where did your copy of Mozilla come from? The Mozilla Foundation never shipped
1.4.3 or 1.4.4 as binary releases. We strongly urge you to upgrade to 1.7.7
which contains many important fixes.

--> over to Caillon who probably still cares about that branch. Possibly the
patches for the MFSA2005-14 related bugs didn't land quite right?
Assignee: dveditz → caillon
(In reply to comment #3)
> Where did your copy of Mozilla come from? The Mozilla Foundation never shipped
> 1.4.3 or 1.4.4 as binary releases. We strongly urge you to upgrade to 1.7.7
> which contains many important fixes.

Self compiled with ssl-support but source not changed. I`m sure, that is a bug.
Compiled 1.4.3 still works successful at same environment. Switching to 1.7
Branch isn`t an alternative.


Here are the changes between 1.4.3 and 1.4.4. The checkin for bug 257308 seems
most directly relevant.

http://bonsai.mozilla.org/cvsquery.cgi?treeid=default&module=all&branch=MOZILLA_1_4_BRANCH&branchtype=match&dir=&file=&filetype=match&who=&whotype=match&sortby=Date&hours=2&date=explicit&mindate=2004-08-04&maxdate=2005-03-14&cvsroot=%2Fcvsroot

Maybe I'm doing that wrong, I don't see a checkin for bug 262289, for instance,
which is marked with the fixed1.4.4 keyword. Looking at the dates I doubt this
includes the fixes from 1.7.6 which include some security icon fixes.
(In reply to comment #5)
> Maybe I'm doing that wrong, I don't see a checkin for bug 262289

It would help if I looked for the right thing: I do see the checkin for bug
262689 which is the one I was thinking of.
This is an automated message, with ID "auto-resolve01".

This bug has had no comments for a long time. Statistically, we have found that
bug reports that have not been confirmed by a second user after three months are
highly unlikely to be the source of a fix to the code.

While your input is very important to us, our resources are limited and so we
are asking for your help in focussing our efforts. If you can still reproduce
this problem in the latest version of the product (see below for how to obtain a
copy) or, for feature requests, if it's not present in the latest version and
you still believe we should implement it, please visit the URL of this bug
(given at the top of this mail) and add a comment to that effect, giving more
reproduction information if you have it.

If it is not a problem any longer, you need take no action. If this bug is not
changed in any way in the next two weeks, it will be automatically resolved.
Thank you for your help in this matter.

The latest beta releases can be obtained from:
Firefox:     http://www.mozilla.org/projects/firefox/
Thunderbird: http://www.mozilla.org/products/thunderbird/releases/1.5beta1.html
Seamonkey:   http://www.mozilla.org/projects/seamonkey/

This bug has been automatically resolved after a period of inactivity (see above
comment). If anyone thinks this is incorrect, they should feel free to reopen it.
Status: UNCONFIRMED → RESOLVED
Closed: 19 years ago
Resolution: --- → EXPIRED
You need to log in before you can comment on or make changes to this bug.