Per-certificate password protection



7 years ago
4 months ago


(Reporter: martin, Unassigned)


17 Branch
Windows XP

Firefox Tracking Flags

(Not tracked)


User Agent: Mozilla/5.0 (Windows NT 5.1; rv:18.0) Gecko/20100101 Firefox/18.0
Build ID: 20130116073211

Steps to reproduce:

This is feature request (wish). I am using TB 17 on Debian and Xubuntu. I cannot import personal certificate for e-mail signing AND password protect it (the certificate itself). I know about master password, that does not solve my problem.

It is important to have ability to password protect only selected certificates, because some types of certificates have according to law same power as your signature. These certificates must be very carefully protected.

Master password is not solution because once Thunderbird is running and first requests it (e.g. when connecting to SSL POP3/IMAP) everything is unlocked and anyone can send e-mail "I am hereby selling for 1 EUR house at ABC owned by DEF to XYZ .." which becomes properly signed without asking for a password.

Actual results:


Expected results:

MS-Windows allow "strong protection" of certificates (you are asked for a password before first use). Something similar would be very useful in TB under Linux.

More legal info:
Component: Untriaged → Security
You need to log in before you can comment on or make changes to this bug.