Multiple client certificate requests for single session

VERIFIED INVALID

Status

Core Graveyard
Security: UI
P3
normal
VERIFIED INVALID
19 years ago
2 years ago

People

(Reporter: Murray.Bathgate, Assigned: David P. Drinan)

Tracking

1.0 Branch
PowerPC
Mac System 8.5

Firefox Tracking Flags

(Not tracked)

Details

(Reporter)

Description

19 years ago
When accessing a web site that requires client digital certificate
authentication (X509v3) . On the Mac , Netscape re-requests the user to select
user digital certificate on every secure page entry . Accessing the same site
from the same version of netscape running on Intel correctly only request the
user to select certificate on secure session creation .
Web site is IIS on NT4Sp4 .
Under SSL there is a re-use function , thus when accesing a site within the
same domian a tcp/ip session should be re-used and thus the key pairs in use
etc do not have to be regenerated .  On the MAC netscape version it seems that
session re-use is not supported .
When accessing such a site (which will become more common with E-commerce) it
is extremely annoying to have a certificate dialog presented on every page post
.
Our site uses both client and server digital certificates . Microsoft server
gated crypto to provide site authentication and 128bit encryption . Client
digital certificates for non-repudiation and client authentication .

Comment 1

19 years ago
Murray, what version of Communicator are you using?  This sounds like a 4.x bug.
 Bugzilla is for 5.0 bugs only.  Please let us know so we can help.

Updated

19 years ago
Assignee: tomw → mwelch

Comment 2

19 years ago
tomw doesn't live here any more. assigning bugs to mwelch
who is the new default owner of security bugs

Updated

19 years ago
Status: NEW → ASSIGNED

Comment 3

19 years ago
Accepting bug for QA/tracking.

Comment 4

18 years ago
Bulk moving all Browser Security bugs to new Security: General component.  The 
previous Security component for Browser will be deleted.
Component: Security → Security: General

Comment 5

18 years ago
Changing Qa contact to myself.
QA Contact: dshea → junruh

Updated

18 years ago
Whiteboard: [from mwelch@netscape.com]

Comment 6

18 years ago
I'm leaving Netscape, so I'm reassigning all my pending bugs to David Drinan.
I've added "[from mwelch@netscape.com]" to the status whiteboard for each of
these bugs for easier searching.
Assignee: mwelch → ddrinan
Status: ASSIGNED → NEW

Comment 7

18 years ago
Changing component
Component: Security: General → Security: Crypto
Target Milestone: --- → M17

Comment 8

18 years ago
Murray, can you point me to site where this can be tested?
Whiteboard: [from mwelch@netscape.com]

Comment 9

18 years ago
Marking invalid. There is no testcase, and more than a year since hearing from 
Murray.
Status: NEW → RESOLVED
Last Resolved: 18 years ago
Resolution: --- → INVALID

Comment 10

18 years ago
Verified.
Status: RESOLVED → VERIFIED

Comment 11

17 years ago
Mass changing Security:Crypto to PSM
Component: Security: Crypto → Client Library
Product: Browser → PSM
Target Milestone: M17 → ---
Version: other → 2.1

Comment 12

17 years ago
Mass changing Security:Crypto to PSM

Updated

13 years ago
Component: Security: UI → Security: UI
Product: PSM → Core

Updated

10 years ago
Version: psm2.1 → 1.0 Branch
Product: Core → Core Graveyard
You need to log in before you can comment on or make changes to this bug.