Closed Bug 87331 Opened 23 years ago Closed 23 years ago

"Ask every time" for PIN is not enforced for tokens

Categories

(NSS :: Libraries, defect, P2)

Product:
NSS
Component:
Libraries
Version:
3.2.1
Platform:
x86
Windows NT
Type:
defect

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: thayes0993, Assigned: rrelyea)

References

Details

Attachments

(1 file)

Patch to pk11slot.c (unverified)
668 bytes, patch
Details | Diff | Splinter Review
When user chooses "ask every time" for password settings, NSS is supposed to prompt for each important use of key material. It works for the built in token, but is not enforced for "external" devices such as iButton. To reproduce: 1) set the password prefs to "ask every time". 2) With a certificate installed on a token (such as iButton), connect to a site the requires client authentication. If the token requires login to look at the certificates, you should get a password prompt. In addition, when you perform then client authentication, the password prompt should also appear. 3) Connect to another site that requires the certificate. The password prompt should appear again. (The prompt to get access to certs should not appear in this case)
Add cc, reassign to relyea.
Assignee: wtc → relyea
Blocks: 82377
Bob, is this patch safe enough to go into NSS 3.3?
Yes. It shouldn't effect servers at all anyway. bob
Priority: -- → P2
Target Milestone: --- → 3.3
Keywords: review
Fix checked into the drunk (Not in NSS 3.3 or PSM).
Status: NEW → RESOLVED
Closed: 23 years ago
Resolution: --- → FIXED
Target Milestone: 3.3 → 3.4
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: