Closed Bug 470996 Opened 17 years ago Closed 9 years ago

untrusted issuer is not immediately visibly distinct from unknown issuer

Categories

(Core Graveyard :: Security: UI, defect)

Product:
Core Graveyard
Component:
Security: UI
Platform:
x86
Windows XP
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED INVALID

People

(Reporter: timeless, Unassigned)

Details

(Whiteboard: [psm-cert-errors])

Steps to Reproduce: 1. Go to http://temp.jesperkristensen.dk/mozilla/GlobalSignRootCA.crt 2. Click OK to the dialog without checking any of the three boxes 3. Visit https://addons.mozilla.org/ 4. Open another window 5. Visit https://www.cacert.org/ Actual results (step 3): This Connection is Untrusted You have asked Minefield to connect securely to addons.mozilla.org, but we can't confirm that your connection is secure. Normally, when you try to connect securely, sites will present trusted identification to prove that you are going to the right place. However, this site's identity can't be verified. What Should I Do? If you usually connect to this site without problems, this error could mean that someone is trying to impersonate the site, and you shouldn't continue. [ Get me out of here! ] > Technical Details > I Understand the Risks Actual results (step 5): The only difference from step 3 is that 'addons.mozilla.org' is replaced with 'www.cacert.org' Expected results: a clear *visible* error message indicating that the server is chained to a CA that is explicitly NOT trusted.
Whiteboard: [psm-cert-errors]
Assignee: kaie → nobody
But really the two situations are the same - the platform couldn't find a path to a trust anchor.
Status: NEW → RESOLVED
Closed: 9 years ago
Resolution: --- → INVALID
Product: Core → Core Graveyard
You need to log in before you can comment on or make changes to this bug.