Open
Bug 471150
Opened 16 years ago
Updated 2 years ago
Installation of Personal Certificate Should Suggest Setting a Master Password
Categories
(Core :: Security: PSM, enhancement, P5)
Core
Security: PSM
Tracking
()
NEW
People
(Reporter: u334201, Unassigned)
References
(Blocks 1 open bug)
Details
(Whiteboard: [psm-cert-manager][psm-clientauth])
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.0.3) Gecko/2008092416 Firefox/3.0.3 Build Identifier: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.0.3) Gecko/2008092416 Firefox/3.0.3 When a personal certificate is installed in Firefox and no master password is set (default), then Firefox stores the certificate without issuing a warning that the certificate is unprotected or any suggestion to set a master password. This happens even when Firefox is set to not "Remember passwords for sites". Reproducible: Always Steps to Reproduce: 1. Disable "Master Password" if it is set. 2. Disable "Remember passwords for sites". 3. Load a personal certificate. Actual Results: Certificate is installed and stored. Expected Results: A security warning.
Comment 1•16 years ago
|
||
This should be in PSM.
Assignee: nobody → kaie
Severity: normal → enhancement
Component: Security → Security: UI
Product: Firefox → Core
QA Contact: firefox → ui
Version: unspecified → Trunk
0. supposing a user decides to collect certificates... 1. the first time they are offered a certificate, firefox/thunderbird offer to let the user set a master password. 2. suppose the user declines. 3a. what happens if a minute later the user is offered a second certificate? 4a. should the user be offered to again set a master password? 3b. suppose you answered no to 4a. suppose the user deletes the certificate installed near 2. 4b. suppose the user is offered another certificate. 5b. should the user be offered to set the master password now? something like this could be implemented. but i won't implement it without a spec and a justification for the answer to the questions (4a, 5b) i'm asking here.
Assignee: kaie → johnath
OS: Linux → All
Hardware: x86 → All
Updated•14 years ago
|
Blocks: masterpassword
Whiteboard: [psm-cert-manager]
Component: Security: UI → Security: PSM
Priority: -- → P5
Whiteboard: [psm-cert-manager] → [psm-cert-manager][psm-clientauth]
Updated•6 years ago
|
Status: UNCONFIRMED → ASSIGNED
Ever confirmed: true
Updated•2 years ago
|
Assignee: bugzilla → nobody
Status: ASSIGNED → NEW
Updated•2 years ago
|
Severity: normal → S3
You need to log in
before you can comment on or make changes to this bug.
Description
•