Closed Bug 32010 Opened 25 years ago Closed 9 years ago

SSL client auth dialog needs "remember decision" box

Categories

(Core Graveyard :: Security: UI, enhancement, P3)

1.0 Branch
enhancement

Tracking

(Not tracked)

RESOLVED FIXED

People

(Reporter: jgmyers, Unassigned)

References

(Blocks 1 open bug)

Details

(Whiteboard: [psm-auth])

The "User Identification Request" dialog box for selecting the client cert to send to a server should have a "remember this decision" checkbox.
Version: 1.01 → 1.1
Changing QA contact to nitinp
QA Contact: lord → nitinp
Reassigning to ddrinan.
Assignee: lord → ddrinan
QA Contact: nitinp → junruh
Version: 1.1 → 1.5
Target -> 2.1
Target Milestone: --- → 2.1
Keywords: nsenterprise
target -> future remove nsenterprise.
Keywords: nsenterprise
Target Milestone: 2.1 → Future
Version: 1.5 → 2.0
Mass assigning QA to ckritzer.
QA Contact: junruh → ckritzer
QA Contact: ckritzer → junruh
Would this feature remember based on the host, or needs it to consider the path, too?
Component: Daemon → Client Library
Summary: "User Identification Request" dialog needs "remember decision" box → SSL client auth dialog needs "remember decision" box
Remembering based on host would be sufficient, I believe. Since the SSL session (and thus the client cert) is shared across all paths on a host, this is reasonable.
Agreed. Kai, what we should do, if possible, is detect that a cert was presented because of a "remember this decision" hit on the client side. If the server rejects this certs, we should inform the user and not reuse the remembered cert when the user attempts again (at least in this session, but it's probably a better idea to just forget the prefs permanently).
Assignee: ddrinan → kaie
Blocks: clientauth
*** Bug 177689 has been marked as a duplicate of this bug. ***
I still don't see why bug 177689 should be a duplicate of this bug. If I select a button, I wish it simply to stay checked, and I don't need any extra dialogs to "remember this decision". It is a real bug not an enhancement.
QA Contact: junruh → bmartin
Mozilla Thunderbird 0.2 (20030901) (win98) Bug still here.
Product: PSM → Core
QA Contact: bmartin → ui
Version: psm2.0 → 1.0 Branch
Note that some work on this has been done in bug 431819.
This subject (browser UI for client cert selection) has recently gotten a bunch of discussion in the IETF TLS mailing list (of all places!), and in private emails among the participants in that thread. After participating in that, and being mindful of Firefox/Mozilla's desire to resist certs becoming yet-another way to silently track users, I offer these thoughts. 1. We don't want this cert selection dialog to be seen so often that it becomes yet another dialog that users "click through" mindlessly. I think this argues that the default should be to remember the user's choice. If the user does NOT want us to remember the choice, we should honor that, too, but I wouldn't make that the default. 2. We want the "path of least resistance" (the shortest easiest way to dismiss the dialog) to be one that chooses to send no cert, rather than being one that does send a cert. The "fail safe" choice should be to send no cert. 3. The choice of sending no cert should be one of the choices in the list of choices presented to the user. Today, we present the user with a set of certs from which to choose. If the user chooses any of them, we send a cert. If the user wants to choose "none of these", he must click "cancel", which is unintuitive. Cancel seems to suggest stopping the connection and the request, not merely sending no cert. So the choice of sending no cert should be in the list of choices. 4. We should remember the decision to send no cert, just like we remember the decision to send any other cert. Taking the above points together, the choice of "send no cert" should be the default choice, the choice that is pre-selected in the list of choices when the dialog appears. If the user wants to send a cert, he should pick one. But if he merely clicks OK, we should send no cert, and should remember that choice. Comments?
I'll bet Dan wants to participate in this discussion, too.
Whiteboard: [psm-auth]
> 4. We should remember the decision to send no cert, just like we remember > the decision to send any other cert. This is really important!!! I now have to click away the dialog for every mail I send in thunderbird if I do not want to send the cert w/ my private email addresses to my employee. Seems like Bug 135403 also addresses this.
reassign bug owner. mass-update-kaie-20120918
Assignee: kaie → nobody
I've patched my nightly in order to remove this dialog: it is really annoying.
Status: NEW → RESOLVED
Closed: 9 years ago
Resolution: --- → FIXED
Target Milestone: Future → ---
Product: Core → Core Graveyard
You need to log in before you can comment on or make changes to this bug.