I just imported a CA certificate (the Fedora project's certificate). Firefox asked me what I want to trust that certificate for. I want to trust it to identify websites that are subdomains of fedoraproject.org. Please let me do that.
Component: Preferences → Security: UI
Product: Firefox → Core
I'd like this ability as well, please. It is related to bug 1168603, an attempt to minimize the damage that a user-installed CA can do.
This could be useful for more than just user-installed certificates. Just because X.509 name constraints are mostly useless doesn't mean that Firefox couldn't eventually restrict some of its trusted root CAs to subsets of the global DNS namespace.
Component: Security: UI → Security: PSM
Priority: -- → P5
You need to log in before you can comment on or make changes to this bug.