Closed Bug 560454 Opened 15 years ago Closed 15 years ago

Detect and warn if certificate issuer changes for a site.

Categories

(Firefox :: Security, enhancement)

Product:
Firefox
Component:
Security
Type:
enhancement
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED DUPLICATE of bug 398721

People

(Reporter: cmouse, Unassigned)

Details

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; fi; rv:1.9.2.3) Gecko/20100401 Firefox/3.6.3 (.NET CLR 3.5.30729) Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; fi; rv:1.9.2.3) Gecko/20100401 Firefox/3.6.3 (.NET CLR 3.5.30729) As a security measure against CA's handing out certificates for sites, firefox should detect changed issuer for a site, and provide a warning about this. This would make it harder, for example, goverment CA's to provide MtM certificates for filtering/screening purposes. Reproducible: Always Steps to Reproduce: 1. Create a site with SSL certificate signed with trusted CA 2. Change the ceritificate to another signed by another CA 3. You will still be told that the site is secure
Status: UNCONFIRMED → RESOLVED
Closed: 15 years ago
Resolution: --- → DUPLICATE
You need to log in before you can comment on or make changes to this bug.