Closed Bug 400732 Opened 17 years ago Closed 10 years ago

Certificates should be able to be blocked always (as accept always)

Categories

(Camino Graveyard :: Security, enhancement)

Product:
Camino Graveyard
Component:
Security
Platform:
PowerPC
macOS
Type:
enhancement
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED WONTFIX
Milestone:
Future

People

(Reporter: funsheep, Unassigned)

References

Details

User-Agent:       Mozilla/5.0 (Macintosh; U; Intel Mac OS X; en; rv:1.8.1.8pre) Gecko/20071019 Camino/1.6a1pre (like Firefox/2.0.0.8pre)
Build Identifier: Mozilla/5.0 (Macintosh; U; Intel Mac OS X; en; rv:1.8.1.8pre) Gecko/20071019 Camino/1.6a1pre (like Firefox/2.0.0.8pre)

Some Ad-Sever store ids to identify user profiles not only in cookies, but also in certifcates. There are currently three options when a unknown certificate appears:

accept always, accept once, block once.

Its annoying, that i cant set some ad-server certificate to "block always". now i have to be careful all the time i go to certian websides.


The bad thing is that ids to create ad-profiles (to trace the users surfbehavior) can be stored in certificates and currently there is no way to permanently block these privacy-violating-certificates

original post: http://comments.gmane.org/gmane.comp.security.full-disclosure/55354
the following webside demonstrates the problem: http://0x90.eu/ff_tls_poc.html


Reproducible: Always

Steps to Reproduce:
1. Go to a webside with https-ads 
2. Watch your browser pop-up the certificate for the adserver (something like *.adservising.xxxx.com)
3. block it once
4. because you love the webside / the content - go there again every day - several times
5. everytime watch the dialog popup for the adserver-certificate
6. Say it loud: "This is annoying! I hate https-ads! I hate my stupid browser. Why cant there be an 'always block certificate'-button?!"
Actual Results:  
I broke my keyboard. Just kidding.

The certificate-dialog pops up for an adserver and i just can block it once - not always.

Expected Results:  
There should be a button to block certificates always not only once.
See core bug 236675, which is basically the same.
I have no problem confirming this as a placeholder bug for implementing the new PSM UI when bug 236675 gets fixed (if we don't get that part of the UI for free, which I think we don't), if we agree.
Component: Annoyance Blocking → Security
Depends on: 236675
QA Contact: annoyance.blocking → camino
Target Milestone: --- → Future
Sounds good to me. Confirming per comment 2.
Status: UNCONFIRMED → NEW
Ever confirmed: true
This bug has been buried in the graveyard and has not been updated in over 5 years. It is probably safe to assume that it will never be fixed, so resolving as WONTFIX.

[Mass-change filter: graveyard-wontfix-2014-09-24]
Status: NEW → RESOLVED
Closed: 10 years ago
Resolution: --- → WONTFIX
You need to log in before you can comment on or make changes to this bug.