Reassigning all https/cartman/security bugs to valeski. He will be finding new owner(s). This shift is so that I can focus on embedding issues. If the new owner has questions that can not be resovled, I may be able to lend a (quick) hand. over to valeski....
Assignee: dougt → valeski
going from an https page to another https page, we should verify certs before throwing a dialog. currenly this does not happen. Also, I don't remember if we even warn in this case.
Re-assigning all valeski PSM bugs to ddrinan.
Assignee: valeski → ddrinan
Setting target fix to future.
Target Milestone: M17 → Future
Component: Security: General → Security: Crypto
Resolved as later.
Status: NEW → RESOLVED
Last Resolved: 18 years ago
Resolution: --- → LATER
reopening and marking future
Status: RESOLVED → REOPENED
Resolution: LATER → ---
Component: Security: Crypto → Client Library
Product: Browser → PSM
Target Milestone: Future → ---
Version: other → 2.0
Can someone please provide a test case here? Setting to PSM 2.0.
Target Milestone: --- → 2.0
Mass reassigning target to 2.1
Target Milestone: 2.0 → 2.1
Priority: P3 → P1
Mass assigning QA to ckritzer.
QA Contact: junruh → ckritzer
P3 After discussing it with ddrinan, we decided that this is not a must have.
Priority: P1 → P3
Here's a url that on comunicator, pops up a dialog (that can't be preferenced out). https://beaver.red.iplanet.com/stores/bug36435.cgi bug36435.cgi reads: #!/bin/ksh cat <<EOF Location: https://store.aolshopdirect.com EOF exit 0 And can be installed on any https server.
Move to future. Won't have time to fix these for 2.1
I don't see clear what this bug is about. Let's try to enhance the problem description. I placed a new test case at https://www.kuix.de/misc/test30 (Accept my server's cert before continuing.) The bug summary asks for "cert checking". I believe we correctly check the certificate of the final destination site, after the redirect. What kind of check did you ask for? I see that with communicator, a warning message is shown, that you are being redirected to a different server. This warning is no longer shown in Mozilla. Is that what this bug is asking for? A warning for https-server-redirection? If only the latter is the case, this bug is a duplicate of bug 154616.
*** This bug has been marked as a duplicate of 154616 ***
Status: REOPENED → RESOLVED
Last Resolved: 18 years ago → 17 years ago
Resolution: --- → DUPLICATE
Status: RESOLVED → VERIFIED
You need to log in before you can comment on or make changes to this bug.