Open
Bug 322438
Opened 20 years ago
Updated 3 years ago
if a server requested a client certificate and none is available, the user should be informed of this somehow
Categories
(Core :: Security: PSM, enhancement, P3)
Tracking
()
NEW
People
(Reporter: timeless, Unassigned)
Details
(Whiteboard: [kerh-ehz][psm-clientauth])
I'm dealing with a real customer, and this psm code is really frustrating to remotely debug given that i'm not supposed to repeatedly ask customers single questions and wait for their responses.
if PSM logged a message using nsIConsoleService indicating that there were no certificates available when the code ran, I'd probably have recognized the problem (and the user would have been able to recognize it as well).
Similarly, if the code discards all the available certificates because they don't match some criteria, a message to the nsIConsoleService would be helpful if it explained the reasons that all certificates were discarded (e.g. "No certificates matched the CAs acceptable to this server").
|
||
Updated•20 years ago
|
Whiteboard: [kerh-ehz]
|
||
Updated•18 years ago
|
QA Contact: ui
|
||
Comment 2•9 years ago
|
||
I don't think a console message is the best approach here, but it would be good to inform the user somehow. Note also that addressing this can fix cases where the server terminates the TLS handshake when it doesn't receive a client certificate and all the user sees is the grey "there was a problem" UI.
Component: Security: UI → Security: PSM
Priority: -- → P3
Summary: pref "security.default_personal_cert", "Select Automatically" should log a console message if it has no certificates from which to choose → if a server requested a client certificate and none is available, the user should be informed of this somehow
Whiteboard: [kerh-ehz] → [kerh-ehz][psm-clientauth]
|
||
Updated•3 years ago
|
Severity: normal → S3
You need to log in
before you can comment on or make changes to this bug.
Description
•