Closed Bug 474958 Opened 16 years ago Closed 16 years ago

consider not allowing web sites to silently install user certificates

Categories

(Firefox :: General, defect)

x86
Linux
defect
Not set
normal

Tracking

()

RESOLVED DUPLICATE of bug 251690

People

(Reporter: guninski, Unassigned)

Details

Attachments

(5 files, 3 obsolete files)

visiting a web page may result in installing a user certificate.
the only sign of installation is a dialog "your certificate was installed |OK|" - the only active UI element is the OK button, no way to disallow it.

so this allows the user to have zero or more certificates in names like:
- psycho user
- obama
- laden

clearly this is at least a joke mocking the user, yet it may not be considered a joke in some parts of the world.

how to reproduce:
(don't have a fully automated cgi, it needs some manual steps).

1. the key generation is via <keygen name="pubkey" challenge=""> in a form. see gen1.html
2. the client generates a key and sends a SPKAC request to the server
3. when one gets the SPKAC value, create a request like:
   SPKAC=$CLIENTVALUE
   CN=psycho user
4. sign the request with openssl. assuming one has a working openssl CA, the command is:
   openssl ca -config ./openssl.cnf -verbose -days 180 -notext -batch -spkac ./spak1.txt -out spaksign.pem
   where spak1.txt is the result from step 3.
5. [4] produces a cert. serve the cert to the client with content type: application/x-x509-user-cert
6. the cert is installed, user clicks the only button |ok|
Status: NEW → RESOLVED
Closed: 16 years ago
Resolution: --- → DUPLICATE
Group: core-security
Attached file Sample RSA keygen tag use (obsolete)
I'm attaching more samples to this bug.
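
Added example, not part of the bug report or of Firefox code: a defender-side check in Python that flags the two markers the report describes, a <keygen> form field in an HTML page and a response served as application/x-x509-user-cert. The function name, finding labels and sample responses are constructed for illustration.

```python
from email.parser import Parser      # HTTP header fields use the same "Name: value" syntax
from html.parser import HTMLParser

USER_CERT_TYPE = "application/x-x509-user-cert"   # content type from step 5 of the report


class KeygenFinder(HTMLParser):
    """Collect the attributes of every <keygen> element in an HTML page."""

    def __init__(self):
        super().__init__()
        self.fields = []

    def handle_starttag(self, tag, attrs):   # also called for <keygen ... />
        if tag == "keygen":
            self.fields.append(dict(attrs))


def audit_response(header_block, body):
    """Return findings for one response: header fields (no status line) plus decoded body."""
    findings = []
    ctype = Parser().parsestr(header_block, headersonly=True).get_content_type()
    if ctype == USER_CERT_TYPE:
        # The browser treats this body as a user certificate to import.
        findings.append("user-cert-install")
    elif ctype in ("text/html", "application/xhtml+xml"):
        finder = KeygenFinder()
        finder.feed(body)
        for field in finder.fields:
            findings.append("keygen:" + (field.get("name") or "<unnamed>"))
    return findings


# Constructed sample responses (not captured traffic).
SAMPLES = [
    ("Content-Type: text/html; charset=utf-8\r\n\r\n",
     '<form method="post"><keygen name="pubkey" challenge=""><input type="submit"></form>'),
    ("Content-Type: Application/X-X509-User-Cert\r\nContent-Length: 912\r\n\r\n", ""),
    ("Content-Type: text/html\r\n\r\n", "<p>no key generation here</p>"),
]

if __name__ == "__main__":
    for headers, body in SAMPLES:
        print(audit_response(headers, body) or "clean")
```

The content-type comparison is case-insensitive and ignores parameters, so variants such as a mixed-case type or an appended charset are still matched.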