Open Bug 390221 Opened 18 years ago Updated 3 years ago

Thunderbird and Firefox should share cert/key databases

Categories

(Thunderbird :: Security, enhancement)

Product:
Thunderbird
Component:
Security
Type:
enhancement

Tracking

(Not tracked)

People

(Reporter: eddy_nigg, Unassigned)

References

Details

User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1.5) Gecko/20070713 Firefox/2.0.0.5 Build Identifier: Thunderbird should be able to use client certificates installed under Firefox. Usually client certs are generated by the browser. In turn the CA signs and allows the resulting cert to be installed into the browser. However the cert destination is really the mail client, hence one has to export the cert including private key and import into TB. TB should be able to look to the aide and if there is a FF installation use it. Alternatively FF and TB might use the same cert store always (shared between both). Reproducible: Always Steps to Reproduce: 1. Get a client certificate (S/MIME) from https://cert.startcom.org/?app=101&type=1 2. Follow steps in order to use under TB including installation of intermediate CA certificates etc. Actual Results: Installed in FF. Requires additional steps in order to use it in TB. Expected Results: After installation of the certificate able to use in TB. Might require changes to both FF and TB? They should access the same information under the ~/.mozilla/ directory for personal certificates.
I think this would require both products to use the same certificate store, and require a (NEEDED) restructuring of the cert storage.
I confirm that this is an enhancement request for Thunderbird. The support for shared cert DBs is new in NSS 3.12, which we plan to have in FireFox 3. (See bug 217538) However, with Thunderbird's future now in doubt, it's not clear if Thunderbird will take advantage of it or not.
Status: UNCONFIRMED → NEW
Ever confirmed: true
Which requires? Sqlite3 support in TB? Has it been worked on? Any other things to consider? Guess it needs somewhat more than just the new NSS library.
This feature would be very much appreciated.
Flags: wanted-thunderbird3?
Pretty much bug 454036, no? wanted‑thunderbird3- as it doesn't sound feasible for tb3 (and is likely more of a core bug, like the above)
Assignee: dveditz → nobody
Flags: wanted-thunderbird3? → wanted-thunderbird3-
(In reply to comment #5) > Pretty much bug 454036, no? > > wanted‑thunderbird3- as it doesn't sound feasible for tb3 (and is likely more > of a core bug, like the above) Agreed - And probably needs some PSM love too.
Summary: Use certificates installed under Firefox → Thunderbird and Firefox should share cert/key databases
Severity: normal → S3
You need to log in before you can comment on or make changes to this bug.