Closed Bug 406034 Opened 15 years ago Closed 15 years ago

Don't report EV for sites with SSL server exceptions

Categories

(Core :: Security: PSM, defect)

defect
Not set
normal

Tracking

()

RESOLVED DUPLICATE of bug 406999

People

(Reporter: KaiE, Assigned: KaiE)

Details

Scenario:
- SSL server with untrusted cert 
- exception for server cert is stored

As EV information is supposed to be compiled in, it seems very unlikely that a user will ever get EV UI for such a site. (Although there are edge cases like: remove trust from a builtin root, then add an exception for a server cert)


This bug proposes: Never show EV UI for certs with exceptions.

We should completely avoid running EV verification tests when such a cert is encountered.
Flags: blocking1.9?
Would this change affect our QE efforts in any way?

This bug will be addressed as part of bug 406999
Status: NEW → RESOLVED
Closed: 15 years ago
Resolution: --- → DUPLICATE
Duplicate of bug: 406999
You need to log in before you can comment on or make changes to this bug.