Closed Bug 328458 Opened 18 years ago Closed 18 years ago

Problem Handling Digital Certificates

Categories

(NSS :: Libraries, defect)

Product:
NSS
Component:
Libraries
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED DUPLICATE of bug 328346

People

(Reporter: yago.jesus, Assigned: wtc)

Details

User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 5.0; es-AR; rv:1.7.12) Gecko/20050919 Firefox/1.0.7
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.0; es-AR; rv:1.7.12) Gecko/20050919 Firefox/1.0.7

Firefox gives the option to use a certificate whose key usage
non-repudiation bit is set, to authenticate as part of a SSL session.
This does not agree with what is expressed in PKI Best Practices
documentation, which states that those certificates must not be used for
authentication. It is the case, too, that Internet Explorer does not let
them to be used for this matter.

Reproducible: Always

Steps to Reproduce:
1. Loading two certificates, one of which presents a key usage non-repudiation bit. 
2. Direct the browser to a www server that uses certificates for autenthication.
Actual Results:  
the possibility to choose between both certificates is given

Expected Results:  
the non-repudiation certificate (i.e: the one whose key
usage doest not include a non-repudiation bit) should be the only one to
be shown as elegible for authentication.
Assignee: nobody → wtchang
Component: Security → Libraries
Product: Firefox → NSS
QA Contact: firefox → jason.m.reid

*** This bug has been marked as a duplicate of 328346 ***
Status: UNCONFIRMED → RESOLVED
Closed: 18 years ago
Resolution: --- → DUPLICATE
You need to log in before you can comment on or make changes to this bug.