Closed
Bug 560454
Opened 15 years ago
Closed 15 years ago
Detect and warn if certificate issuer changes for a site.
Categories
(Firefox :: Security, enhancement)
Firefox
Security
Tracking
()
RESOLVED
DUPLICATE
of bug 398721
People
(Reporter: cmouse, Unassigned)
Details
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; fi; rv:1.9.2.3) Gecko/20100401 Firefox/3.6.3 (.NET CLR 3.5.30729)
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; fi; rv:1.9.2.3) Gecko/20100401 Firefox/3.6.3 (.NET CLR 3.5.30729)
As a security measure against CA's handing out certificates for sites, firefox should detect changed issuer for a site, and provide a warning about this. This would make it harder, for example, goverment CA's to provide MtM certificates for filtering/screening purposes.
Reproducible: Always
Steps to Reproduce:
1. Create a site with SSL certificate signed with trusted CA
2. Change the ceritificate to another signed by another CA
3. You will still be told that the site is secure
Updated•15 years ago
|
Status: UNCONFIRMED → RESOLVED
Closed: 15 years ago
Resolution: --- → DUPLICATE
You need to log in
before you can comment on or make changes to this bug.
Description
•