Closed Bug 308897 Opened 19 years ago Closed 18 years ago

Should be able to click on the lock icon to show the site's SSL certificate

Categories

(Camino Graveyard :: General, enhancement)

PowerPC
macOS
enhancement
Not set
normal

Tracking

(Not tracked)

VERIFIED FIXED
Camino1.5

People

(Reporter: jefframnani, Assigned: nick.kreeger)

Details

User-Agent:       Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US; rv:1.8b4) Gecko/20050914 Camino/1.0a1
Build Identifier: Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US; rv:1.8b4) Gecko/20050914 Camino/1.0a1

When browsing to an SSL-protected site, Camino doesn't offer a way to inspect the
web server's SSL certificate.  In Firefox you can double-click the padlock icon
that appears when browsing to an SSL-protected site.  Double-clicking the padlock
opens up the "Security" tab of the "Page Info" property screen.  Internet
Explorer also offers this functionality in Windows, for another example.

Things like this get more important as phishing and other scams get more
prevalent.  It also helps when debugging SSL related issues with a web server.

Thanks.

Reproducible: Always

Steps to Reproduce:
1. Navigate to any SSL protected web site (i.e. https://login.yahoo.com)
2. Double-click the padlock icon in the Address Bar
3. Nothing happens

Actual Results:  
No information on the SSL Certificate appears.

Expected Results:  
A screen to show the SSL certificate's properties.  For example:  Expiration
Date, Certificate Path, the CA that issued the cert, the company name on the
cert, etc.  This screen should also show whether the browser accepted the
certificate or not.  If it doesn't accept the certificate this screen should say
why (i.e. SSL certificate expired, non-trusted Root CA, etc.)

This is sort of bug 172352 and sort of bug 159048.  This should probably be
duped to one of those and then the latter's summary clarified?
Assignee: dveditz → pinkerton
Component: Security → General
QA Contact: camino
I think we should keep this as a separate bug.
Status: UNCONFIRMED → NEW
Ever confirmed: true
OK.

Regarding

> This screen should also show whether the browser accepted the
> certificate or not.  If it doesn't accept the certificate this screen should say
> why (i.e. SSL certificate expired, non-trusted Root CA, etc.)

Don't we already get an alert dialogue that allows the user to inspect the
certif in all of these cases?  It's just valid, accepted certifs the user can't
inspect, right?

If that's not the case, we should probably fix this for 1.0, but if problematic
certifs can be inspected (as I think is the case), this seems more like 1.1
material like bug 172352.
Target Milestone: --- → Camino1.1
I think we need this for 1.0.
Target Milestone: Camino1.1 → Camino1.0
No certificate can be inspected with Camino. Go to
https://bugreporter.apple.com. You will get the dialog

============================================================================
Security Warning

There is a problem with this site's security certificate. It may be invalid,
expired or not registered with a trusted authority.

Are you sure you want to connect to this site?

[Stop] [Continue]
============================================================================

It's a bug, not an enhancement and it should block 1.0. It's essential for
secure communication to inspect certificates or to see why Camino rejects them.
It's about as vague and uninformative as a dialog can get. Even Safari offers
"Show certificate". It's neither a dupe of bug 172352 nor bug 159048. 

In the above example, Camino rejects the certificate because it is issued to
bugreport.apple.com, not bugreporter.apple.com. I think anyone can tell from
this message that this is not a serious issue and can continue to connect.

And please spare me with your "Oh, certificate inspection is too advanced of a
feature for our users. They don't understand what a certificate is."-comments.

(In reply to comment #5)
1.0a1 and the trunk builds have much better certificate sheets; you can view the
certificate at https://bugreporter.apple.com/ just fine with current builds.

Right. _this_ bug is about being able to view the cert for an https:// site that
you are already viewing.
Assignee: pinkerton → sfraser_bugs
(In reply to comment #8)
> Bug 159048 fixes this, right?
> 

I'm not sure it does. There needs to be a more apparent way of viewing it. Can we semi-morph this bug into making the lock icon clickable? 
Sure.
Summary: Cannot inspect the SSL certificate of a web site you are visiting → Should be able to get to site's SSL certificate via the lock icon.
Just curious: why not show the Page Info when a user single-clicks or double-clicks the lock instead of using a contextual menu? It would be great if a single-click showed the Certificate for the site, like other browsers. I think it's much more "obvious" for the ordinary user.
-> 1.1
Target Milestone: Camino1.0 → Camino1.1
Simon, should this bug be considered fixed?
QA Contact: general
You can right-click on the lock icon and "Show Site Certificate" now. I think a single click on the lock should do that too.
Assignee: sfraser_bugs → nobody
Summary: Should be able to get to site's SSL certificate via the lock icon. → Should be able to click on the lock icon to show the site's SSL certificate
(In reply to comment #14)
> You can right-click on the lock icon and "Show Site Certificate" now. I think a
> single click on the lock should do that too.
 
While I think single clicking on the lock should definitely do something, is displaying the certificate the correct response?

Right now security information is split between the Site Certificate and Site Info panels. If the padlock icon is broken due to mixed http/https content, bringing up the certificate won't give any helpful information.

Since we are adding the RSS icon in the URL bar, a fix for this will be included because we want a single click to open the feed list menu as well. (bug 316232).
Apparently kreeger is fixing this.
Assignee: nobody → nick.kreeger
Depends on: 316232
Yes, the patch on bug 316232 fixes this.
fixed by bug 316232.
Status: NEW → RESOLVED
Closed: 18 years ago
Resolution: --- → FIXED
v. on the trunk--at least, single-clicking pops up the menu now.
Status: RESOLVED → VERIFIED