separate built-in roots from user-added or cached certificates in the certificate manager
Categories
(Core :: Security: PSM, enhancement, P3)
Tracking
()
People
(Reporter: kreuzritter2000, Unassigned)
References
(Blocks 1 open bug)
Details
(Whiteboard: [psm-backlog])
User Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0
Steps to reproduce:
Added manually a certificate and forgot the name how it was called.
Actual results:
I don't know which certificate to remove. They look all like the ones, that are shipped with Firefox by default.
Expected results:
Manually added certificates should be marked in the certificate list with a sign so that a user can distinguish and filter them from the certificates that are shipped by default with Firefox.
This is important for security reasons. It makes it easier to remove manually added certificates completely without overlooking or forgetting one.
In the "Security Device" column, certificates that were shipped with Firefox will have the string "Builtin Object Token" (or the localized equivalent). Certificates that were added by the user (or cached intermediates encountered while browsing) will have the string "Software Security Device" (or the localized equivalent).
(In reply to Dana Keeler (she/her) (use needinfo) (:keeler for reviews) from comment #1)
In the "Security Device" column, certificates that were shipped with Firefox will have the string "Builtin Object Token" (or the localized equivalent). Certificates that were added by the user (or cached intermediates encountered while browsing) will have the string "Software Security Device" (or the localized equivalent).
Thanks. In this case it would be good if there were also a separation of cached intermediate certificates and manually added certificates.
Comment 3•6 years ago
|
||
Hi, Can I work on this issue?
Updated•2 years ago
|
Description
•