Open Bug 453025 Opened 17 years ago Updated 3 years ago

security devices only loaded on application start

Categories

(Core :: Security, enhancement)

Product:
Core
Component:
Security
Platform:
x86
Windows XP
Type:
enhancement

Tracking

()

Status:
UNCONFIRMED

People

(Reporter: mail, Unassigned)

Details

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1 Build Identifier: 2.0.0.16 (20080708) The security devices are only loaded on application start, which makes using signing sticks (some kind of USB-Stick-Wrapped smart-card-reader) very bad. Reproducible: Always Steps to Reproduce: 1. Start Thunderbird 2. Write new mail 3. Make the mail being signed 4. Plug signing stick 5. Try to send mail Actual Results: Thunderbird doesn't find the certificate as the security device list isn't refreshed before trying to sign the mail. Expected Results: Refresh security device list and sign the message. The signing stick works fine if it's already been plugged at application start, but that makes either the signing stick lose its security level or using thunderbird with a signing stick very uncomfortable (write mail, save it, close application, plug signing stick, start thunderbird again, open mail, send mail). PS: If the signing stick was plugged before starting the application, it can be removed and replugged just before sending the signed mail, but that's again not the desired behaviour.
Pier do you have the same kind of issues with Firefox ?
(In reply to comment #1) > Pier do you have the same kind of issues with Firefox ? Yes, it's nearly the same issue with Firefox. Although my use cases in Firefox are limited to use the signing stock from java applets running in the browser which try to get information from the stick (or more from the signing stick driver). (But I suppose it should in any case try to access the same interface ;)) In other words: Yes, I have to (re-)start Firefox with the signing stick being already connected when I want to use it with the browser!
Moving to Core as Ff is also impacted.
Product: Thunderbird → Core
QA Contact: thunderbird → toolkit
Old but still partially applies. Wrong "fix": now it's scanning tokens even when not needed, locking out other apps that need token access. A good fix should allow for "concurrent" access by multiple apps when "lock_login = true" in /etc/opensc.conf (or the equivalent in win). Old "open/use/close" paradigm that's always safe.
Severity: normal → S3
You need to log in before you can comment on or make changes to this bug.