In Certificate Manager indicate when certs are Actively DIStrusted

RESOLVED DUPLICATE of bug 733716

Status

--
major
RESOLVED DUPLICATE of bug 733716
7 years ago
2 years ago

People

(Reporter: kwilson, Unassigned)

Tracking

Firefox Tracking Flags

(Not tracked)

Details

(Reporter)

Description

7 years ago
In the Certificate Manager, Actively DIStrusted certificates, such as all of the DigiNotar certs, look the same as all of the other certificate authorities... 
The Security Device is set to "Builtin Object Token" 

Would it be possible to change the Security Device setting for such certificates to say something like "DIStrusted" so that they can be distinguished from the other root certificates that are included in NSS?

Also, the end-entity certificates that are Actively DIStrusted are displayed in the Certificate Manager Servers list as Permanent Lifetime. Would it be possible to change the Lifetime setting to something like "DIStrusted" to indicate that these certs are only included so that they can be Actively DIStrusted?
(Reporter)

Comment 1

7 years ago
I'm raising the importance of this bug, because I am getting inquiries from people who are concerned that Mozilla made a mistake and accidentally re-included DigiNotar CA certificates in Firefox 8.

Also, I just checked, and I can simply Edit Trust and turn on the trust bits for these DigiNotar certs.
Severity: normal → major

Comment 2

7 years ago
Please see bug 733716 where I have started such work.
Status: NEW → RESOLVED
Last Resolved: 7 years ago
Resolution: --- → DUPLICATE
Duplicate of bug: 733716
(Assignee)

Updated

2 years ago
Product: Core → Core Graveyard
You need to log in before you can comment on or make changes to this bug.