Closed
Bug 91960
Opened 24 years ago
Closed 23 years ago
No warning of certificates when site use different certificates.
Categories
(Core Graveyard :: Security: UI, defect, P3)
Tracking
(Not tracked)
VERIFIED
FIXED
psm2.3
People
(Reporter: ykoehler, Assigned: ddrinan0264)
References
Details
I went to a secure web site, and asked mozilla to saved the certificate
permanentely. But after a while I returned to the same web site and their
certificates had changed but mozilla didn't warn me of this and instead told me
that the certificate was no more valid and had expired.
Closer investigation revealed that mozilla was using his stored certificates and
not the new cert from the site. I was unable to tell mozilla to use the new one
instead without going in the prefs and deleting the site's cert.
My problem is more that mozilla didn't warn me in any of my attempt to connect
to the site that the certificates changed at all. Which I think is really bad.
|
||
Comment 1•24 years ago
|
||
->PSM
Assignee: mstoltz → ssaux
Component: Security: General → Client Library
Product: Browser → PSM
QA Contact: ckritzer → junruh
Version: other → 2.0
|
|
||
Comment 2•24 years ago
|
||
->future
Although this is a problem, the vast majority of ssl sites (and all the most
important) ones have certificates that don't require the user to accept the cert
individually as it's signed by a built in certificate authority.
->ddrinan
Assignee: ssaux → ddrinan
Priority: -- → P3
Target Milestone: --- → Future
|
|
||
Updated•24 years ago
|
QA Contact: ckritzer → junruh
|
|
||
Comment 5•23 years ago
|
||
Marking fixed. I am simply presented with the new certificate to either accept,
cancel, or remember.
Status: NEW → RESOLVED
Closed: 23 years ago
OS: Linux → All
Hardware: PC → All
Resolution: --- → FIXED
Target Milestone: Future → 2.3
Version: 2.0 → 2.3
|
||
Updated•9 years ago
|
Product: Core → Core Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•