Closed Bug 44320 Opened 24 years ago Closed 23 years ago

Cannot reach a new secure site on first try

Categories

(Core Graveyard :: Security: UI, defect, P3)

Product:
Core Graveyard
Component:
Security: UI
Version:
1.0 Branch
Type:
defect

Tracking

(Not tracked)

Status:
VERIFIED FIXED

People

(Reporter: junruh, Assigned: javi)

References

(
URL
)

Details

(Whiteboard: [nsbeta2-][nsbeta3+][PDTP3]) 

1.) Visit a secure site you have never been to before with the present profile.
2.) Click past the two "New Web Site Cert" dialog boxes.
What happen: Mozilla stalls. Restarting Mozilla and then visiting the same site 
is successful.
This worksforme with Win32, build 71020, but still happens with the Linux build 
#71020. Nominating for msbeta2.
Keywords: nsbeta2
OS: All → Linux
Hardware: All → Other
Summary: Cannot reach a new secure site on first try → Linux-Cannot reach a new secure site on first try
Putting on [nsbeta2+] radar for beta2 fix.
Whiteboard: [nsbeta2+]
I just tried this with last night's daily build of Mozilla and the PSM build 
from 2 nights ago.  Are you still seeing this behavior?  If so, update your 
builds and try again.
Still happening with the Linux Seamonkey 71308 build.
Could you at least try on a different machine.  To make sure it's not the 
machine that's causing the problem.  Also what version/build of PSM are you 
using.
Marking worksforme. This seems to be a timing issue, since it works when I am 
logged into a linux machine directly. In any case, a workaround is to just click 
on the link again. Also, this would only happen when going to a site with an 
untrusted CA for the first time - a fairly rare occurence.
Status: NEW → RESOLVED
Closed: 24 years ago
Resolution: --- → WORKSFORME
Verified.
Status: RESOLVED → VERIFIED
Status: VERIFIED → REOPENED
Resolution: WORKSFORME → ---
Reopening. This is still happening on Linux. After clicking through 2 "new web 
site cert" dialog boxes and ending up at the same page, the trick is to click on 
the link a second time, but this should not be necessary.
Putting on [nsbeta2-] radar.
Whiteboard: [nsbeta2+] → [nsbeta2-]
Keywords: nsbeta3
Target Milestone: --- → M18
Blocks: 48444
Whiteboard: [nsbeta2-] → [nsbeta2-][nsbeta3+]
John, 

Is this still happening?  I tried this today on NT and worked.  (I remember you 
saying that it happened on all platforms, so I'm wondering if it still happens 
on Linux as well.)
This still happens with linux, although the circumstances are quite rare. I have 
to go to an untrusted https site, such as a new cert server and click through 
two CA acceptance dialog boxes. With 4.7x, the windows appear faster, but if I 
take my time clicking through them, I can get a "A network error occurred while 
Netscape was receiving data. Try connecting again." It could be that this bug is 
really that there is no warning when a connection cannot be made, and is a 
duplicate of bug 33772 - No warning when connection is not possible. 
With a Linux box, goto https://javi.red.iplanet.com:8080/

(You will also get an unexpected name dialog since the cert on the server is for 
javi.mcom.com)

I can reach it on the first try, but I have to be fast on clicking through the 
dialog boxes. The oldmonk site seems slow enough so that I can't reach it on the 
first try - https://oldmonk.red.iplanet.com:3003/DirUserEnroll.html. Any 
thoughts on making this bug a dupe of bug 33772 ?
This is not a dupe of bug 33772.  This is a dupe of the bug where SSL 
connections time-out if you let the SSL dialogs sit around for too long.

(I thought there was such a bug, but I can't find the number.)
Adding nelsonb's comments, and changing url, and changing OS to all.
"Today, when user dialogs are required during an SSL handshake, either because
something's wrong with the server cert/chain or because the user has to 
select a cert for client auth, the SSL handshake is stalled while the user
dialogs are presented.  When the user dialogs are finished, the handshake 
resumes from the spot where it stalled, but often by that time, either the
server or the browser has timed-out on the connection, resulting in failure.

Microsoft's Internet Explorer (MSIE) handles such situations differently.  
When it has to present user dialogs, it silently terminates the SSL handshake
and the TCP connection to the server.  When the user dialog finishes, it 
establishes a new TCP connection and starts a new SSL handshake from scratch.  
Consequently, MSIE users never (er, very seldom) experience these timeout
failures.  I believe this is a superior way to handle these dialogs.

I propose that Mozilla and PSM change to use this abort-and-try-again 
technique, rather than the existing stall-and-continue technique.  I'd guess
this is not a small change, because I suspect it involves some communication
between Mozilla and PSM about terminating and restarting the connection over
which the request is to be sent.  But I believe it would be worth the effort
in terms of improved user perception."
URL: https://junruh.mcom.com:444https://www.kmart.com
OS: Linux → All
Hardware: Other → All
Summary: Linux-Cannot reach a new secure site on first try → Cannot reach a new secure site on first try
Since this is nsbeta3+, setting priority to P2
Priority: P3 → P2
PDT thinks this is P3, due to perceived difficulty to reproduce, and expected 
rarity. Could reconsider if data shows otherwise. P3
Priority: P2 → P3
Whiteboard: [nsbeta2-][nsbeta3+] → [nsbeta2-][nsbeta3+][PDTP3]
New target milestone.
Target Milestone: M18 → mozilla0.9.1
PSM 2.0 is now part of the mozilla and commercial builds and has fixed alot of 
UI and ssl bugs that were in PSM 1.X. I'm doing a mass setting of bugs to 
be FIXED. If you believe that I've closed a bug in error, please re-open it. 
Thanks.
Status: REOPENED → RESOLVED
Closed: 24 years ago23 years ago
Resolution: --- → FIXED
Verified.
Status: RESOLVED → VERIFIED
Mass changing Security:Crypto to PSM
Component: Security: Crypto → Client Library
Product: Browser → PSM
Target Milestone: mozilla0.9.1 → ---
Version: other → 2.1
Mass changing Security:Crypto to PSM
Product: PSM → Core
Version: psm2.1 → 1.0 Branch
Product: Core → Core Graveyard
You need to log in before you can comment on or make changes to this bug.