The Security tab of the Page Info window should contain these items (sample text supplied): Protocol: TLS 1.0 (or SSL v2, SSL v3, TLS 1.0, S/MIME v2 or v3) Cipher: RC4 with 128-bit encryption Key exchange: RSA, 1024-bit keys
The protocol (TLS, SSL etc) and the key exchange information are not currently available from the SSL interface. nelsonb has proposed a new interface that would provide some of this on the n.p.m.crypto newsgroup recently. Until this interface is defined and implemented, this information cannot be displayed. Later to 2.1?
Moving to FUTURE for now.
*** Bug 79156 has been marked as a duplicate of this bug. ***
removing nsenterprise keyword from PSM bugs with target milestone of future.
Mass assigning QA to ckritzer.
The necessary underlying NSS functions are now added into NSS 3.4 so perhaps this bug shouldn't be "future" any more.
*** Bug 133519 has been marked as a duplicate of this bug. ***
*** Bug 135612 has been marked as a duplicate of this bug. ***
*** Bug 153595 has been marked as a duplicate of this bug. ***
*** Bug 154641 has been marked as a duplicate of this bug. ***
*** Bug 198824 has been marked as a duplicate of this bug. ***
While you're at it, add a "security info" icon to the bottom of the MailNews window to show that you're authenticated via IMAPS or POP3S rather than IMAP/POP.
Also, please add the IP address of the web server you are connected to and TCP port #(80,8080,443,etc..). This will help in debugging server/dns issues.
*** Bug 253999 has been marked as a duplicate of this bug. ***
From dupe bug 253999, this is issue is discussed in this thread: http://www.security-forums.com/forum/viewtopic.php?t=17955&start=0&postdays=0&postorder=asc&highlight=
Johnathan, Here's another UI enhancement worthy of your consideration.
whether or not Firefox wants this, Gecko should offer it, an embedder may. If that API exists (I'm fairly certain it doesn't), then this bug becomes trivial for an xul oriented person.
I think I had a full head of hair when I filed this bug. :-) Timeless makes a very good point. Which of these requested attributes are available from NSS today?
Bob, thanks for the good laugh! All the stuff you want is available from NSS now, and has been for years. These functions were added in 2001. SECStatus SSL_GetChannelInfo(PRFileDesc *fd, SSLChannelInfo *info, PRUintn len); SECStatus SSL_GetCipherSuiteInfo(PRUint16 cipherSuite, SSLCipherSuiteInfo *info, PRUintn len);
The dialog now has pretty much everything from comment 0 (except for the size of the key protecting the key exchange/agreement, which is available in the end-entity cert), so I think we're good. If anyone wants to go above and beyond, that can be done in an add-on.