Closed
Bug 161820
Opened 23 years ago
Closed 11 years ago
indication of CRL presence for CA certs
Categories
(Core Graveyard :: Security: UI, enhancement, P2)
Tracking
(Not tracked)
RESOLVED
INCOMPLETE
People
(Reporter: julien.pierre, Unassigned)
References
Details
It would be very useful in the certificate manager to have a visual indication
of which CA certificates we have a CRL for. They could be printed in a different
color for example. There should also be an extra button to view the CRL for that CA.
The current interface has the CRLs in a completely different place, and there
isn't a way to match a CRL with the CA certificate.
There should also be a similar indication and button when viewing the CA cert in
the cert chain under "details" of a cert.
Comment 1•23 years ago
|
||
Some questions to understand how simple a UI could be:
- will NSS always store at most one CRL for any given CA?
or could there be more than one?
- could you provide sample NSS code that can be used to
obtain the CRL, given a CERTCertificate pointer?
I think color is not the prefered way to show information in the UI, consider
the color blind. We therefore need a distinct way to visualize that property
anyway. And if we do, we don't need the color in addition.
Reporter | ||
Comment 2•23 years ago
|
||
Kai,
There is a function called SEC_FindCrlByName which will return the CRL for an
issuer. From a CERTCertificate, you need to call CERT_FindIssuerCert first.
PKCS#11 modules may store more than one CRL for the CA. The function will only
return the most recent one. This is OK for now as we only support full CRLs.
In the future, when we support delta and other tpyes of CRLs, the CRL that NSS
uses will be an aggregate of multiple CRLs, but there should still only be one
aggregate returned per issuer.
Updated•22 years ago
|
Priority: -- → P2
Target Milestone: --- → Future
Comment 4•21 years ago
|
||
Mass change "Future" target milestone to "--" on bugs that now are assigned to
nobody. Those targets reflected the prioritization of past PSM management.
Many of these should be marked invalid or wontfix, I think.
Target Milestone: Future → ---
Updated•18 years ago
|
QA Contact: junruh → ui
Comment 5•11 years ago
|
||
The CRL Manager / Revocation Lists feature was removed.
Status: NEW → RESOLVED
Closed: 11 years ago
Resolution: --- → INCOMPLETE
Assignee | ||
Updated•8 years ago
|
Product: Core → Core Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•