Open
Bug 953322
Opened 11 years ago
Updated 2 years ago
User-added CAs should be able to specify a domain for which they are trusted
Categories
(Core :: Security: PSM, enhancement, P5)
Tracking
()
UNCONFIRMED
People
(Reporter: andy, Unassigned)
Details
(Whiteboard: [psm-backlog])
I just imported a CA certificate (the Fedora project's certificate). Firefox asked me what I want to trust that certificate for.
I want to trust it to identify websites that are subdomains of fedoraproject.org. Please let me do that.
Updated•11 years ago
|
Component: Preferences → Security: UI
Product: Firefox → Core
Comment 1•10 years ago
|
||
I'd like this ability as well, please. It is related to bug 1168603, an attempt to minimize the damage that a user-installed CA can do.
This could be useful for more than just user-installed certificates. Just because X.509 name constraints are mostly useless doesn't mean that Firefox couldn't eventually restrict some of its trusted root CAs to subsets of the global DNS namespace.
Updated•8 years ago
|
Component: Security: UI → Security: PSM
Priority: -- → P5
Whiteboard: [psm-backlog]
Updated•2 years ago
|
Severity: normal → S3
You need to log in
before you can comment on or make changes to this bug.
Description
•