Cert download failures are silent - no warning or error display




10 years ago
2 years ago


(Reporter: nelson, Unassigned)


(Depends on: 1 bug)

1.9.0 Branch
Windows XP

Firefox Tracking Flags

(Not tracked)


(Whiteboard: [psm-backlog])

Bug 453227 reported that cert downloads were failing silently.  
The cause of that particular failure was an NSS regression that caused
a good certificate download to be treated by NSS as a bad download.

But NSS's routine that processes those downloads, 
CERT_DecodeCertPackage reports a failure status to its caller, 
nsNSSCertificateDB::getCertsFromPackage, yet that failure return value
does not cause any UI to be displayed telling the user about the failure.
The failure is SILENT, from a UI perspective.

This bug report says: those failures should not be silent.  The user should
be told: the server tried to download one or more certificates, and that

Comment 1

10 years ago
The user should be told: Installation of one or more certificates failed. Please contact the site operator to report this incident.

(The server doesn't download a certificate, it's the client (browser) which downloads it. Second, at this stage it's clear that a certificates was supposed to be installed into the browser's security device.

Alternatively use "Import" instead of "Installation".)

Comment 2

10 years ago
Another correction: Please contact the site operator *and* report this incident.

Comment 3

6 years ago
reassign bug owner.
Assignee: kaie → nobody
Component: Security: UI → Security: PSM
Depends on: 1024871
Priority: -- → P5
Whiteboard: [psm-backlog]
You need to log in before you can comment on or make changes to this bug.