Closed Bug 338424 Opened 18 years ago Closed 18 years ago

Importing expired certificates fails silently

Categories

(Thunderbird :: Security, defect)

Product:
Thunderbird
Component:
Security
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED DUPLICATE of bug 310446

People

(Reporter: ckannan, Assigned: KaiE)

Details

when trying to import another users email encryption certificate that is expired, thunderbird fails silently to import. there's no error message indicating that an error has occurred.
This also happens when the cert chain is not trusted. TB will not let you import another user's S/MIME cert until the chain above it validates. There should be an error message to this affect. Of course, this then brings up another question: why not let me import the certificate without the chain being trusted? It's sometimes simpler to build the chain from the bottom up.
-> Kai
Assignee: dveditz → kengert
There are 3 separate issues here. First, when reading a signed message, where the signature cert has expired. IMHO it is correct not to import expired certs. IMHO we should not give erre messages. Second, when the user explicitly tries to import a cert from a file. I agree, in this case, when the cert is being ignore, feedback should be given to the user. This is already being tracked by bug 310446. Third, you are talking about not-yet-expired, but untrusted certs. You are proposing an enhancement to interactively import such a cert. I absolute agree it would be helpful. This has been proposed 3 years ago already in bug 209182. We just need to find the time to eventually do it. *** This bug has been marked as a duplicate of 310446 ***
Status: NEW → RESOLVED
Closed: 18 years ago
Resolution: --- → DUPLICATE
You need to log in before you can comment on or make changes to this bug.