Cert Manager is displaying 2-digit years in Validity periods




Security: PSM
9 years ago
3 years ago


(Reporter: scott, Unassigned)


1.9.0 Branch

Firefox Tracking Flags

(Not tracked)



(1 attachment)



9 years ago
User-Agent:       Mozilla/5.0 (X11; U; Linux x86_64; en-GB; rv: Gecko/2009012700 SUSE/3.0.6-0.1 Firefox/3.0.6
Build Identifier: version (20081227)

When I view all the Web Site Authorities listed by default - Pre-installed root Certificates - The lot there is only 2 numeric values for the validity dates. This could possible be the reason why default Root Certificates et al. all have an unknown validity/trust associated. My own Personal X.509 certificates have YYYY fields in their validity details but not all the default in the default install.
My Total O/S is Opensuse 11.0 and System Date format is DD/MM/YYYY which has possible no bearing on the date presentation of the certificates.

ALL these Web Authorities should all be trusted by default install and all Root Certificates should be trusted by default install.

The Attachment should indicate the issue more clearly

Reproducible: Always

Steps to Reproduce:
1.Account Preferences
4.Web Site
5.View Details

Actual Results:  
None of the Web Authorities are trusted by default which makes a mockery of CA's supplying all this info and making sure all our X.509 S/MIME Traffic is authentic.
The same situation is apparent in FF which makes a mockery of our safe SSL/HTTPS traffic- Separate Bug will be issued later

Expected Results:  
The Default Web Authorities should be trusted by default, this is how we can ensure all our Signed X.509 traffic IS really safe by having the true and valid Web Sites install their Certificates as Valid in default install.

There is no option I see to re-install root CA's that are about to or have expired automatically

Comment 1

9 years ago
Created attachment 364476 [details]
screen image showing thunderbird issue

Note - I am not running the default theme- I trust this is not interfering with date fields - the theme I run is called
(CuteBird) Graphite 1.2.5
After examining the screen shot, it appears to me that this bug report is
reporting two separate issues, both related to information displayed in the
certificate manager dialog windows. They are:

1) Validity dates are displayed with a 2-digit year field

2) The "Purposes" column displays "<Issuer Not Trusted>" for some roots.

Reporter:  Since Firefox and Thunderbird share a common certificate manager,
there is no need to file separate bugs against each of those products.
Assignee: nobody → kaie
Component: Security → Security: PSM
Product: Thunderbird → Core
QA Contact: thunderbird → psm
Version: unspecified → 1.9.0 Branch
Summary: Web Site Authorities Appear to Suffer a Y2K type Bug in the Validation Dates - FF is worse - another bug will be created → Cert Manager is displaying 2-digit years in Validity periods
This display flaw is not a security vulnerability in Firefox,
so I'm unsetting the security-sensitive flag.
Group: core-security

Comment 4

8 years ago
Mass change owner of unconfirmed "Core:Security UI/PSM/SMime" bugs to nobody.
Search for kaie-20100607-unconfirmed-nobody
Assignee: kaie → nobody

Comment 5

3 years ago
Marking as a duplicate of Bug 1053679, which has a clearer summary and description.

For the cert trust issue:
 - I believe Bug 383969 removed the purposes column
 - AFAICT roots in the default CA list are trusted by default
 - Importing a root will ask you what to trust it for
Last Resolved: 3 years ago
Resolution: --- → DUPLICATE
Duplicate of bug: 1053679
You need to log in before you can comment on or make changes to this bug.