Thunderbird should not auto-prompt for adding a TLS certificate exception when a previous connection to the same server has already provided a valid certificate

NEW
Assigned to

Status

Thunderbird
Security
--
major
7 years ago
2 years ago

People

(Reporter: briansmith, Assigned: adu)

Tracking

({privacy})

Trunk
privacy
Bug Flags:
sec-review +

Firefox Tracking Flags

(Not tracked)

Details

+++ This bug was initially created as a clone of Bug #664633 +++

Today, when Thunderbird encounters an invalid SSL certificate, it makes it really easy--to easy--for the user to configure an exception for that certificate. It makes it easy because many IMAPS and SMTPS servers use non-validatable certificate chains (self-signed certs, etc.) However, it is very unlikely that a server will start using an non-validatable certificate chain after it was previously using one that validated correctly. So, once a successful connection to a server has been made, Thunderbird should not prompt the user to add an exception.

If the local copy of the auto-configuration database says that a valid certificate chain for a server should be provided (which would be the case for almost all of the servers in the auto-configuration database, AFAICT), then we should never prompt the user to add an exception for that server.

Note that this will happen frequently when users are behind captive portals, which is how I noticed it.
Keywords: privacy, sec-review-needed
look at this with account sec
Whiteboard: [sr:curtisk]
Whiteboard: [sr:curtisk] → [secr:curtisk]
Keywords: sec-review-needed → sec-review-complete
Flags: sec-review+

Comment 2

5 years ago
It is not unheard of that some server admin who previously paid for an SSL certificate after its expiration no longer bothers to pay, but takes a self-signed one.
Suggestions:
1) still show the exception dialog, but add a warning that previously, a valid certificate of issuer xyz was found
2) in particular, if the new self-sig certificate is found > 10 days before the expiration of the previous one, add a (large/red) Man-in-the-middle warning!
(Assignee)

Comment 3

5 years ago
I would like to work on this bug .. can i pick this ? please give necessary informations regarding the bug
thanks
Whiteboard: [secr:curtisk]

Updated

5 years ago
Assignee: nobody → adarshdinesh
You need to log in before you can comment on or make changes to this bug.