if a server requested a client certificate and none is available, the user should be informed of this somehow

NEW
Unassigned

Status

()

Core
Security: PSM
P3
enhancement
12 years ago
a year ago

People

(Reporter: timeless, Unassigned)

Tracking

Trunk
x86
Windows XP
Points:
---

Firefox Tracking Flags

(Not tracked)

Details

(Whiteboard: [kerh-ehz][psm-clientauth])

(Reporter)

Description

12 years ago
I'm dealing with a real customer, and this psm code is really frustrating to remotely debug given that i'm not supposed to repeatedly ask customers single questions and wait for their responses.

if PSM logged a message using nsIConsoleService indicating that there were no certificates available when the code ran, I'd probably have recognized the problem (and the user would have been able to recognize it as well).

Similarly, if the code discards all the available certificates because they don't match some criteria, a message to the nsIConsoleService would be helpful if it explained the reasons that all certificates were discarded (e.g. "No certificates matched the CAs acceptable to this server").

Updated

12 years ago
Whiteboard: [kerh-ehz]
QA Contact: ui

Comment 1

5 years ago
reassign bug owner.
mass-update-kaie-20120918
Assignee: kaie → nobody
I don't think a console message is the best approach here, but it would be good to inform the user somehow. Note also that addressing this can fix cases where the server terminates the TLS handshake when it doesn't receive a client certificate and all the user sees is the grey "there was a problem" UI.
Component: Security: UI → Security: PSM
Priority: -- → P3
Summary: pref "security.default_personal_cert", "Select Automatically" should log a console message if it has no certificates from which to choose → if a server requested a client certificate and none is available, the user should be informed of this somehow
Whiteboard: [kerh-ehz] → [kerh-ehz][psm-clientauth]
You need to log in before you can comment on or make changes to this bug.