Tue Jul 2 2024 05:54:14 PDT
  • Status: UNCONFIRMED, NEW, ASSIGNED, REOPENED
  • Product: Core
  • Component: Security: PSM
487 bugs found.
ID Type Summary Product Comp Assignee Status Resolution Updated
1460250 provide asynchronous versions of some PKCS#11 APIs Core Security: PSM nobody UNCO --- 2022-10-11
1642010 isDistrustedCertificateChain should check that certRoot->distrust->serverDistrustAfter is of the expected length Core Security: PSM nobody UNCO --- 2024-05-21
1657591 remember client auth decisions on a per-session basis Core Security: PSM nobody UNCO --- 2023-09-11
1818546 Firefox 110 generating popup to authenticate to security token Core Security: PSM nobody UNCO --- 2023-03-10
1838429 OCSP requests use System Principal Core Security: PSM nobody UNCO --- 2024-05-26
447794 Certificate backups use RC2/40 encryption Core Security: PSM nobody UNCO --- 2022-10-10
473795 Deleting a server certificate exception should confirm the server name, not the certificate name Core Security: PSM nobody UNCO --- 2022-10-10
477982 Prompt for SSL client certificates appears at erratic times Core Security: PSM nobody UNCO --- 2022-10-10
512437 provide better error message when client cert authentication fails Core Security: PSM nobody UNCO --- 2022-10-10
741327 Certificate selection modal dialog appears on wrong window Core Security: PSM nobody UNCO --- 2022-10-10
882625 Blocked SmartCard Pop-up Core Security: PSM nobody UNCO --- 2022-10-10
1002453 StartSSL certificate has weird name le-8bbf0da1-ccce-44d9-....... Core Security: PSM nobody UNCO --- 2022-10-11
1128278 OCSP requests are sent through proxy server without (required) authentication Core Security: PSM nobody UNCO --- 2022-10-11
1242078 error messages in the add certificate exception dialog differ from the error messages used elsewhere in Firefox Core Security: PSM nobody UNCO --- 12:12:03
1272749 When replacing expired digital certificate, Firefox requires close and open Core Security: PSM nobody UNCO --- 2024-02-27
1306582 make TLS 1.3 named groups configurable via prefs Core Security: PSM nobody UNCO --- 2022-10-11
1312195 nsISSLStatus has no fields for the ECDHE/DHE parameters Core Security: PSM nobody UNCO --- 2022-11-25
1322751 improve differentiation between builtin root certificates and imported certificates / certificates from pkcs#11 tokens in the certificate manager Core Security: PSM nobody UNCO --- 2022-10-11
1338480 nsIX509Cert.displayName is empty when a certificate has an empty subject distinguished name Core Security: PSM nobody UNCO --- 2022-10-11
1359902 server certificate issuer does not update in site identity box when it changes (after a refresh) Core Security: PSM nobody UNCO --- 2022-10-11
1365712 change nsIX509Cert.displayName to use the nickname of certificates on external tokens Core Security: PSM nobody UNCO --- 2022-10-11
1366995 Firefox continues to present a client certificate which has been deleted from its certificate store, until it is restarted Core Security: PSM nobody UNCO --- 2022-10-11
1374586 psm::Constructor should be initialized earlier in child process Core Security: PSM nobody UNCO --- 2022-10-11
1378269 Removing a CA certificate from the certificate manager does not clear existing TLS secrets Core Security: PSM nobody UNCO --- 2022-10-11
1380420 Improve the MOZILLA_PKIX_ERROR_OCSP_RESPONSE_FOR_CERT_MISSING error message Core Security: PSM nobody UNCO --- 2022-10-11
1474963 Firefox stalls after TLS handshake on self signed certificate - bug 1056341 not corrected Core Security: PSM nobody UNCO --- 2024-02-27
1526773 unclear error message in some situations Core Security: PSM nobody UNCO --- 2022-10-11
1557521 Certificate store does not recognize friendly names edited in windows. Cannot create any kind of "friendly" name within FF cert store. Core Security: PSM nobody UNCO --- 2020-05-18
1567825 make Firefox's use of NSS's sqlite-backed certdb more robust against transient network errors when the db is on a networked drive Core Security: PSM nobody UNCO --- 2023-12-11
1603082 Pinpad smartcard authentication text does not fit to the dialogue window Core Security: PSM nobody UNCO --- 2020-05-18
1613977 certificates imported from the OS may also exist in the user's certdb, which creates a confusing trust situation Core Security: PSM nobody UNCO --- 2020-05-18
1637754 Implement RFC 8740 "Using TLS 1.3 with HTTP/2" Core Security: PSM nobody UNCO --- 2024-06-05
1643083 TLS connection fails after page is shown; no detailed information is given Core Security: PSM nobody UNCO --- 2020-06-29
1651688 Improve usability of security module authentication popup Core Security: PSM nobody UNCO --- 2022-10-11
1698952 page info dialog asks for client certificate Core Security: PSM nobody UNCO --- 2021-04-19
1725025 CKR_GENERAL_ERROR when attempting smartcard authentication Core Security: PSM nobody UNCO --- 2023-08-03
1741567 As same as Chrome 96, Remove some insecure cipher suites Core Security: PSM nobody UNCO --- 2023-10-30
1761262 Certificates selected using "OS Client Cert Module" are assumed to be available even when the smart card is not Core Security: PSM nobody UNCO --- 2022-06-30
1771274 osclientcerts: determining if keys support rsa-pss is still a problem Core Security: PSM nobody UNCO --- 2022-06-30
1806785 certificates without a subject common name result in empty strings in some UI Core Security: PSM nobody UNCO --- 2022-12-21
1815931 consider treating stapled OCSP as an optimization Core Security: PSM nobody UNCO --- 2023-02-13
1843576 Not possible to check SSL certifcate when adding an exception manually via Edit->Settings due to modal dialog box Core Security: PSM nobody UNCO --- 2024-04-17
1851701 Authentication Decisions should remember host + PORT when presenting client certificates via SSL Core Security: PSM nobody UNCO --- 2023-09-20
1853982 Resizing certificate manager is broken - column sizes can only get bigger, which forces dialog bigger Core Security: PSM nobody UNCO --- 2024-04-03
1868961 Authentication Decisions: delete not in effect until cookie is cleared Core Security: PSM nobody UNCO --- 2023-12-11
1874674 client certificate popup migrates to another tab Core Security: PSM nobody UNCO --- 2024-01-16
1880024 client certificate selection dialog dis(appears) several times Core Security: PSM nobody UNCO --- 2024-02-27
1891826 Impossible to proceed (no matching certificates to delete): SEC_ERROR_REUSED_ISSUER_AND_SERIAL Core Security: PSM nobody UNCO --- 2024-04-19
506939 Firefox does not understand and inform the user when PKCS#11 token PIN is invalid or blocked. Core Security: PSM nobody UNCO --- 2022-10-10
953322 User-added CAs should be able to specify a domain for which they are trusted Core Security: PSM nobody UNCO --- 2022-10-11
1008120 Trailing dot in SNI HostName must be stripped according to RFC 3546 Core Security: PSM nobody UNCO --- 2023-09-20
1091857 Firefox does not show certificate selection dialog after installing new certificate Core Security: PSM nobody UNCO --- 2023-07-28
1220129 old client certificate used after it expired despite newer one added (ssl_error_expired_cert_alert after) Core Security: PSM nobody UNCO --- 2023-08-02
1328109 provide more explanation when a certificate is missing a subject alternative name extension Core Security: PSM nobody UNCO --- 2022-10-11
1328113 build feature to impose name constraints on imported (CA) certificates Core Security: PSM nobody UNCO --- 2022-10-11
1389783 no authentication dialog given for ocsp system connections Core Security: PSM nobody UNCO --- 2022-10-11
1399048 configure columns in certificate manager Core Security: PSM nobody UNCO --- 2022-10-11
1412691 Allow static pinning of DS records Core Security: PSM nobody UNCO --- 2022-10-11
1488742 Outdated Content-Signature Documentation Core Security: PSM nobody UNCO --- 2022-10-11
1492411 limit checking for smartcard changes to no more than once every interval, for some interval Core Security: PSM nobody UNCO --- 2022-10-11
1507231 backup certificate (with private key) does not ask master password Core Security: PSM nobody UNCO --- 2022-10-11
1589316 Firefox doesn't let user choose smart card to use for authentication before PIN prompts Core Security: PSM nobody UNCO --- 2022-10-11
1627645 add an option to only allow deprecated TLS versions for RFC 1918 addresses Core Security: PSM nobody UNCO --- 2020-12-12
1654000 [enterprise roots] trust system roots on linux Core Security: PSM nobody UNCO --- 2023-07-18
1721367 certificate manager: indicate when a certificate exists on multiple tokens Core Security: PSM nobody UNCO --- 2022-07-25
1721595 Certificate Manager reacts to ctrl-tab Core Security: PSM nobody UNCO --- 2023-05-24
1735782 client certificate selection dialog should show more differentiating information about each certificate in the drop-down Core Security: PSM nobody UNCO --- 2021-11-08
1740149 Smartcard login produces multiple password prompts and requires two tries for successful authentication Core Security: PSM nobody UNCO --- 2024-04-23
1751201 Add a log line to the FinishNPNSetup Function Core Security: PSM nobody UNCO --- 2022-03-25
1752722 Manual per-site certificate authority pinning Core Security: PSM nobody UNCO --- 2022-10-11
1780774 error: PR_END_OF_FILE_ERROR with a firewall blocking local page Core Security: PSM nobody UNCO --- 2023-03-10
1782680 Certificate Manager/Authentication Decisions: Delete... button has ellipsis even if it does not open a dialog Core Security: PSM nobody UNCO --- 2024-02-27
1782683 Preferences/Certificate Manager/Authentication Decisions : no sorting supported Core Security: PSM nobody UNCO --- 2022-08-02
1806812 Certificate Manager/Authentication Decisions: needs bulk delete Core Security: PSM nobody UNCO --- 2022-12-21
1844963 Setting security.nocertdb to true disables all installed add-ons and prevents new add-ons from being installed Core Security: PSM nobody UNCO --- 2023-10-05
1845855 hook up client authentication when neqo supports it Core Security: PSM nobody UNCO --- 2023-07-28
1847378 no way to list preloaded intermediate CA certificates Core Security: PSM nobody UNCO --- 2023-08-08
1892392 table headers switched in Certificate Manager / Servers Core Security: PSM nobody UNCO --- 2024-05-23
1892504 CertViewer does not display multiple policy qualifiers Core Security: PSM nobody UNCO --- 2024-04-23
1901994 Firefox unable to parse two OIDs in certificate subject DN Core Security: PSM nobody UNCO --- 2024-06-12
1861351 "Do not send client certificate" in the authentication decisions panel are not removed Core Security: PSM nobody UNCO --- 2023-11-08
1899986 Firefox seems to freeze when loading PKCS#11 device driver Core Security: PSM nobody UNCO --- 2024-05-31
1900136 Logging into sites that require PIV fail with A PKCS #11 module returned CKR_GENERAL_ERROR, indicating that an unrecoverable error has occurred. Core Security: PSM nobody UNCO --- 2024-05-31
1565282 Empty unnecessary fields in IntermediatePreloading data Core Security: PSM dkeeler NEW --- 2022-10-11
1729538 test failure in security/manager/ssl/tests/unit/test_oskeystore.js on apple silicon Core Security: PSM dkeeler NEW --- 2021-10-08
1842872 stop caching intermediate certificates Core Security: PSM dkeeler NEW --- 2024-01-24
1905453 gather telemetry on third-party PKCS#11 module prevalence Core Security: PSM dkeeler NEW --- Fri 15:58
1901768 Upgrade Firefox 129 to use NSS 3.102 Core Security: PSM jschanck NEW --- Fri 11:37
1141544 Intermittent test_oob_cert_auth.js | xpcshell return code: 0 | :0: error: 127.0.0.1:49413 uses an invalid security certificate. Core Security: PSM nobody NEW --- 2022-10-11
1317792 modify the DataStorage eviction strategy to take into account eTLD+1 or similar Core Security: PSM nobody NEW --- 2022-10-11
1370516 NSS should be initialized off main thread Core Security: PSM nobody NEW --- 2023-12-11
1396030 Load PKCS#11 modules in isolated processes Core Security: PSM nobody NEW --- 2023-12-30
1409910 browser_certViewer.js fails intermittently under test-verify Core Security: PSM nobody NEW --- 2022-10-11
1410251 Emit a warning to the console when we encounter an invalid stapled OCSP response Core Security: PSM nobody NEW --- 2022-10-11
1415311 Make OCSP responses available to the certificate error page. Core Security: PSM nobody NEW --- 2023-09-05
1415312 Make CT SCTs available to the certificate error page. Core Security: PSM nobody NEW --- 2024-05-09
1431850 simplify how nsCertTree chooses which certificates to display Core Security: PSM nobody NEW --- 2022-10-11
1441548 Make CERT_VALIDATION_SUCCESS_BY_CA release telemetry available for consumption Core Security: PSM nobody NEW --- 2022-10-11
1449668 add a specific error code for when we run out of budget searching for a path in mozilla::pkix Core Security: PSM nobody NEW --- 2022-10-11
1541212 restrict nsICertStorage.getRevocationState to non-main-threads only Core Security: PSM nobody NEW --- 2022-10-11
1548956 make test_cert_storage_preexisting.js work on 32-bit platforms Core Security: PSM nobody NEW --- 2022-10-11
1554939 Leverage Uptake Telemetry for errors in Remote Settings "sync" event handlers Core Security: PSM nobody NEW --- 2022-10-11
1566558 be more careful about integer type sizes in nsSiteSecurityService Core Security: PSM nobody NEW --- 2020-05-18
1573607 Collect telemetry when SSLKEYLOGFILE is in use Core Security: PSM nobody NEW --- 2022-10-12
1606696 Enable CRLite telemetry-mode on mobile in Nightly Core Security: PSM nobody NEW --- 2023-10-03
1609449 nsCryptoHash should use a hashing API that indicates success/failure Core Security: PSM nobody NEW --- 2020-05-18
1610136 Avoid blocking shutdown to persist DataStorage values Core Security: PSM nobody NEW --- 2023-06-23
1619468 load of value 999, which is not a valid value for type 'SecurityPropertyState' in src/security/manager/ssl/nsSiteSecurityService.cpp:98 Core Security: PSM nobody NEW --- 2020-05-18
1632292 Disable DSA for all TLS operations Core Security: PSM nobody NEW --- 2020-05-05
1651193 Update PSM and NSS telemetry probes for Fenix Core Security: PSM nobody NEW --- 2023-12-11
1665788 nsIX509CertDB.getCerts should be asynchronous Core Security: PSM nobody NEW --- 2020-09-17
1677157 Enable CRLite on Android Core Security: PSM nobody NEW --- 2023-12-22
1809477 many security/manager/ssl/tests/unit xpcshell tests time out when run from an msix package Core Security: PSM nobody NEW --- 2023-01-25
1825720 The IntermediatePreloadingHealer timer runs every 5 minutes even when there is no other activity Core Security: PSM nobody NEW --- 2023-04-14
1548030 Flip the preference to enable CRLite Core Security: PSM jschanck NEW --- 2022-10-11
1796190 Optimize RemoteSecuritySettings attachment caching Core Security: PSM jschanck NEW --- 2022-10-19
1797589 Expired CRLite files should be deleted Core Security: PSM jschanck NEW --- 2022-10-26
1874959 [meta] Xyber768 experiment Core Security: PSM jschanck NEW --- 2024-06-12
396441 Improve SSL client-authentication UI Core Security: PSM kaie NEW --- 2022-07-25
91497 Rephrase SSL Client Certificate selection dialog Core Security: PSM nobody NEW --- 2022-10-10
100989 sort SSL client auth cert selection list based on expired/revoked state Core Security: PSM nobody NEW --- 2023-01-17
101611 Web sites can easily spoof the Master Password dialog Core Security: PSM nobody NEW --- 2022-10-17
135403 Add "None" button for client authentication, change cancel to cancel connection Core Security: PSM nobody NEW --- 2022-10-10
188338 Import failures don't result in an error message alert on the "People" and "Authorities" tab of the Certificate manager Core Security: PSM nobody NEW --- 2022-10-10
230301 No error message when PSM can't import a cert Core Security: PSM nobody NEW --- 2022-10-10
264096 check if NSS is initialized before calling NSS functions Core Security: PSM nobody NEW --- 2023-12-11
302238 When incorrect master password is entered, password manager should say so in master password dialog Core Security: PSM nobody NEW --- 2023-08-20
322438 if a server requested a client certificate and none is available, the user should be informed of this somehow Core Security: PSM nobody NEW --- 2022-10-10
336629 no error feedback if the PK11_InitPin call in nsPK11Token::InitPassword fails (e.g. a weak password in FIPS mode) Core Security: PSM nobody NEW --- 2022-10-10
337785 Importing CA chain: Can't import new intermediate if root is already present Core Security: PSM nobody NEW --- 2022-10-10
360594 Explore use cases behind certificate management, improve usability of the interface Core Security: PSM nobody NEW --- 2022-10-10
399643 Introduce a separate tab in cert manager for intermediate certs Core Security: PSM nobody NEW --- 2022-10-10
399914 Bad cert exception creation dialog should warn of existing exceptions Core Security: PSM nobody NEW --- 2022-10-10
407128 PKCS#11: CKF_PROTECTED_AUTHENTICATION_PATH login not abortable Core Security: PSM nobody NEW --- 2022-10-10
419069 SSL client authentication with no installed certificate gives a bad error message Core Security: PSM nobody NEW --- 2022-10-10
445098 Show a more specific error message than "ssl_error_rx_record_too_long" when we get an HTTP response Core Security: PSM nobody NEW --- 2022-10-10
448917 User Identification Request box does not move focus to the tab it is launched from Core Security: PSM nobody NEW --- 2022-10-10
454782 deleted certificates reappear in the certificate manager before restarting Firefox Core Security: PSM nobody NEW --- 2024-06-24
470926 Implement more stringent EV certificate checks in PSM Core Security: PSM nobody NEW --- 2022-10-10
487394 investigate setting NSS_DISABLE_ARENA_FREE_LIST so that NSS doesn't hold on to memory it's not using Core Security: PSM nobody NEW --- 2022-10-10
545606 Need to distinguish "Exception already exists" from "Valid Certificate" Core Security: PSM nobody NEW --- 2022-10-10
570421 [meta] Meta bug for master password issues Core Security: PSM nobody NEW --- 2024-02-27
593066 firefox should potentially clear remembered client authentication decisions upon (some) handshake failures Core Security: PSM nobody NEW --- 2023-02-16
652002 Clear Recent History must clear OCSP cache when "Site Specific Settings" is checked Core Security: PSM nobody NEW --- 2022-10-10
652003 Clear Recent History must clear intermediate certs cached during the given time period Core Security: PSM nobody NEW --- 2022-10-10
669970 remove the "Get Certificate" button from the certificate exception dialog Core Security: PSM nobody NEW --- 2022-10-10
674483 Master password dialog is not related/linked with browser window causing it to open above other windows Core Security: PSM nobody NEW --- 2022-11-16
676972 [TRACKING] Important PSM xpcshell tests are disabled on Android Core Security: PSM nobody NEW --- 2022-10-10
698243 nsNSSSocketInfo and nsSSLStatus are succeptable to race conditions Core Security: PSM nobody NEW --- 2023-12-11
698252 add tests to ensure that OCSP requests can't ever be affected by spdy/h2/alt-svc Core Security: PSM nobody NEW --- 2022-10-10
711014 Defer SSL initialization so that it doesn't occur during startup (during nsNSSComponent::Init) Core Security: PSM nobody NEW --- 2023-12-11
711015 Defer PKCS#12 (libsmime) initialization so that it doesn't occur during startup (during nsNSSComponent::Init) Core Security: PSM nobody NEW --- 2023-12-11
711785 Use SSL_NO_LOCKS option to reduce locking overhead Core Security: PSM nobody NEW --- 2022-10-10
734065 mochitests-5: SSL "mixedcontent" tests report "JavaScript error: https://example.com/tests/SimpleTest/SimpleTest.js, line 40: Permission denied to access property 'TestRunner'" Core Security: PSM nobody NEW --- 2022-10-10
759592 When multiple SSL handshakes are made in parallel, we may be requesting the same OCSP responses multiple times, one for each connection Core Security: PSM nobody NEW --- 2022-10-10
775698 [Tracking] Remove all synchronous (on the main thread) certificate validation and certificate database access Core Security: PSM nobody NEW --- 2023-06-24
791792 HTTPS tests do not run on Android Core Security: PSM nobody NEW --- 2022-10-10
797678 Remove all certificate error overrides for a host when we successfully verify a certificate for a host Core Security: PSM nobody NEW --- 2022-10-10
803582 Usage of OCSP fetching makes Firefox slow Core Security: PSM nobody NEW --- 2023-09-02
861311 limit false start when changing ALPN negotiated protocols Core Security: PSM nobody NEW --- 2022-10-10
867478 Remove support for email certificates from Gecko Core Security: PSM nobody NEW --- 2023-06-24
883674 RFC5746 renegotiation extension warnings are sent to the error console instead of the web console Core Security: PSM nobody NEW --- 2022-10-10
908125 Reject BR EE certificates with lifetimes / validity greater than the BRs allow Core Security: PSM nobody NEW --- 2022-10-10
921127 In PSM don't provide EV treatment when cert includes wildcards in the alt-dns name and common name fields Core Security: PSM nobody NEW --- 2023-07-27
926260 mozilla::pkix does not enforce name constraints on OCSP response signing certificates Core Security: PSM nobody NEW --- 2022-10-11
926261 mozilla::pkix does not enforce certificate policy on OCSP response signing certificates Core Security: PSM nobody NEW --- 2022-10-11
928456 make sure all applicable NSS functions are called between NSS init and shutdown Core Security: PSM nobody NEW --- 2023-12-11
951319 Add EV variants of OCSP tests Core Security: PSM nobody NEW --- 2022-10-11
953323 The add-a-CA UI should not allow enabling trust bits unrelated to the app Core Security: PSM nobody NEW --- 2022-10-11
963797 SSL Client authentication failed with level three self assigned certificate no certificate is imported Core Security: PSM nobody NEW --- 2022-10-11
968453 Add unit tests for x.509 extension parsing in mozilla::pkix's BackCert::Init Core Security: PSM nobody NEW --- 2022-10-11
968556 Document internal design of mozilla::pkix Core Security: PSM nobody NEW --- 2022-10-11
970196 Enforce that isCA bit and certSign/crlSign key usages are consistent in mozilla::pkix Core Security: PSM nobody NEW --- 2022-10-10
970760 Certificate key usage is not enforced strictly when verifying server certificate Core Security: PSM nobody NEW --- 2022-10-11
978831 Do not allow the server to change certificates during TLS renegotiation Core Security: PSM nobody NEW --- 2022-10-11
980536 ocsp testing: include revocationReason Core Security: PSM nobody NEW --- 2022-10-11
981060 don't clear the OCSP cache when security preferences change if we don't have to Core Security: PSM nobody NEW --- 2022-10-11
985025 mozilla::pkix: do not accept the presence of pathLenConstraint in EE basic constraints extensions Core Security: PSM nobody NEW --- 2022-10-11
987738 Avoid main-thread IO for {profile}\cert_override.txt Core Security: PSM nobody NEW --- 2022-11-21
989051 mozilla::pkix does not process the id-ce-inhibitAnyPolicy extension correctly. Core Security: PSM nobody NEW --- 2022-10-11
989518 mozilla::pkix: do not accept improper encodings of basicConstraints:cA Core Security: PSM nobody NEW --- 2022-10-11
991921 EV treatment should not be given when end-entity cert is signed directly by the root cert Core Security: PSM nobody NEW --- 2022-10-11
993038 persistently cache OCSP responses (so they survive across restarts) Core Security: PSM nobody NEW --- 2022-10-11
994981 certificate override manager has multiple usability issues with certificates that could act as CAs Core Security: PSM nobody NEW --- 2022-10-11
997994 mozilla::pkix: don't allow empty Extensions in OCSP responses Core Security: PSM nobody NEW --- 2022-10-11
1004350 Pin all the things Core Security: PSM nobody NEW --- 2024-05-23
1009101 bugs that need to be fixed for mozilla::pkix to be used in NSS Core Security: PSM nobody NEW --- 2023-12-11
1009102 CA compatibility issues that affect mozilla::pkix Core Security: PSM nobody NEW --- 2022-10-11
1009110 (mozilla::pkix-CAs) For intermediate certs, don't accept OCSP responses that are more than 10 days old Core Security: PSM nobody NEW --- 2022-10-11
1012902 add more xpcshell unit tests for the pinning implementation Core Security: PSM nobody NEW --- 2022-10-11
1028368 Add unit tests for GetOCSPAuthorityInfoAccessLocation in NSSCertDBTrustDomain.cpp Core Security: PSM nobody NEW --- 2022-10-11
1028781 PKCS#12 import probably doesn't work so well after we removed all the configuration for CERT_VerfiyCert since it uses CERT_VerifyCert Core Security: PSM nobody NEW --- 2022-10-10
1029832 [tracking] security ui papercuts Core Security: PSM nobody NEW --- 2022-10-11
1035493 remove the "Add Exception" button from the Server tab of the certificate manager Core Security: PSM nobody NEW --- 2022-10-11
1048977 Add telemetry to measure OCSP failures Core Security: PSM nobody NEW --- 2022-10-11
1050451 mozilla::pkix::VerifyEncodedOCSPResponse doesn't return validity period of the signer cert Core Security: PSM nobody NEW --- 2022-10-11
1059392 Switch default pinning enforcement level to strict Core Security: PSM nobody NEW --- 2022-10-11
1075167 Report original error when failing on a TLS downgrade alert (SCSV) Core Security: PSM nobody NEW --- 2022-10-11
1077192 mozilla::pkix: more testing of signature algorithms Core Security: PSM nobody NEW --- 2022-10-11
1083446 Add Tests for CT Precertificate Signing Certificates Core Security: PSM nobody NEW --- 2022-10-11
1089906 the histogram data from SSL_VERSION_FALLBACK_INAPPROPRIATE indicates we're encountering an error we're not handling in tlsIntoleranceTelemetryBucket Core Security: PSM nobody NEW --- 2022-10-11
1092243 adding a certificate exception via the certificate manager makes it look like it's possible to do so for HSTS sites Core Security: PSM nobody NEW --- 2023-03-02
1093305 only accept critical id-pkix-ocsp-nocheck extension in certificates being verified in an OCSP context Core Security: PSM nobody NEW --- 2022-10-11
1107794 Investigate/Fix LD_LIBRARY_PATH GreBinD issue in head_psm.js Core Security: PSM nobody NEW --- 2022-10-11
1116976 uncaught exceptions can leave the certificate exception dialog box in an unusable state Core Security: PSM nobody NEW --- 2022-10-11
1121695 Incorrect SSL error message when DNS name entry is equal to an IP address Core Security: PSM nobody NEW --- 2022-10-11
1122775 differentiate errors resulting from online OCSP and stapled OCSP Core Security: PSM nobody NEW --- 2022-10-11
1123805 mozilla::pkix's BuildCertChain doesn't fully validate the key of the passed-in certificate, because NSSCheckPublicKey doesn't Core Security: PSM nobody NEW --- 2022-10-11
1130653 Add telemetry for signature algorithm usage during certificate verification Core Security: PSM nobody NEW --- 2022-10-11
1130753 Pass more details of the public key to the TrustDomain Core Security: PSM nobody NEW --- 2022-10-11
1133562 Add telemetry for mapping KeyUsage to TLS key exchange algorithm Core Security: PSM nobody NEW --- 2022-10-11
1134456 Add GTests for RSA public key size checking and Elliptic Curve checking Core Security: PSM nobody NEW --- 2022-10-11
1135525 certificate manager: managing trust opens many dialogs Core Security: PSM nobody NEW --- 2022-10-11
1137484 Show Untrusted Connection Error when cert in chain uses less than RSA 2048 signatures Core Security: PSM nobody NEW --- 2022-10-11
1139039 investigate where underscores should be allowed in mozilla::pkix name matching after bug 1136616 Core Security: PSM nobody NEW --- 2024-02-27
1144902 add name constraint tests for RFC822Names and emailAddress AVAs in subject DNs Core Security: PSM nobody NEW --- 2022-10-11
1155767 verify that if an AVA is a PrintableString it consists only of characters valid for PrintableStrings Core Security: PSM nobody NEW --- 2022-10-11
1172495 Update nsNSSComponent and Telemetry to handle new OCSP options Core Security: PSM nobody NEW --- 2022-10-11
1184059 compatibility issues with domain labels beginning or ending with hyphens Core Security: PSM nobody NEW --- 2024-04-08
1185626 better handle CERT_FindCertByIssuerAndSN failing in PSM Core Security: PSM nobody NEW --- 2023-10-04
1202112 A top-level includeSubdomains directive does not enforce STS for subdomains if there is an intermediate superdomain without the includeSubdomains directive Core Security: PSM nobody NEW --- 2022-10-11
1212393 Intermittent test_validity.js | xpcshell return code: 0 | Should have 0 remaining expected OCSP responses - 1 == 0 Core Security: PSM nobody NEW --- 2023-05-22
1221033 Make expiry non-overrideable for short-lived certificates Core Security: PSM nobody NEW --- 2022-10-11
1225288 when building the pinning preload list, don't allow built-in roots that aren't trusted for TLS Core Security: PSM nobody NEW --- 2022-10-11
1227520 Establish deprecation date for RSA key exchange Core Security: PSM nobody NEW --- 2022-10-11
1227522 Establish deprecation date for CBC cipher suits Core Security: PSM nobody NEW --- 2023-06-19
1230312 track fixing platform leaks of NSS resources Core Security: PSM nobody NEW --- 2023-12-11
1242827 Intermittent test_ocsp_stapling_expired.js | Test timed out Core Security: PSM nobody NEW --- 2022-10-11
1249002 Add the ability to prevent certain certificates from being added to the CertBlocklist Core Security: PSM nobody NEW --- 2022-06-30
1252721 Use Assert.jsm numeric comparison functions in PSM tests Core Security: PSM nobody NEW --- 2022-10-10
1256071 disallow string types other than PrintableString and UTF8String in certificate distinguished names as per RFC 5280 section 4.1.2.4 Core Security: PSM nobody NEW --- 2022-10-11
1256073 disallow matching UTF8String with PrintableString in distinguished name comparisons as per RFC 5280 section 4.2.1.10 Core Security: PSM nobody NEW --- 2022-10-11
1259320 Remove -wd4456 and -wd4458 from security/**/moz.build Core Security: PSM nobody NEW --- 2022-10-11
1266946 Intermittent test_ocsp_stapling.js | xpcshell return code: 0 | - Actual and expected connection result should match - 2153394070 == 0 Core Security: PSM nobody NEW --- 2022-10-11
1267861 investigate deleting certificates immediately rather than upon destruction Core Security: PSM nobody NEW --- 2022-10-11
1271618 PSM UI indicators for when a PKCS#11 token PIN is blocked, etc. Core Security: PSM nobody NEW --- 2022-06-06
1281469 Implement Certificate Transparency support (RFC 6962) Core Security: PSM nobody NEW --- 2024-06-11
1287300 Add performance telemetry for TLS 1.3 Core Security: PSM nobody NEW --- 2022-10-11
1294897 track implementing and using js certificate decoder Core Security: PSM nobody NEW --- 2022-10-11
1295698 Tool/Script to check that the CA Community in Salesforce data is in sync with the NSS root store and ExtendedValidation.cpp Core Security: PSM nobody NEW --- 2022-10-11
1303098 Sudden and prolonged change in distribution of DATA_STORAGE_ENTRIES probe on Nightly 20160910 Core Security: PSM nobody NEW --- 2022-10-11
1303100 Add alert_emails field for Telemetry probe DATA_STORAGE_ENTRIES and other, related probes Core Security: PSM nobody NEW --- 2022-10-11
1303414 increase preloaded information lifetimes Core Security: PSM nobody NEW --- 2022-10-11
1303415 develop tool to increase visibility on when preloaded security information will expire in versions that have shipped/will ship Core Security: PSM nobody NEW --- 2022-10-11
1306361 Clean up redundant security/manager/pki JS code. Core Security: PSM nobody NEW --- 2022-10-10
1307620 update AccumulateECCCurve to handle all enabled named groups Core Security: PSM nobody NEW --- 2022-10-11
1309221 Intermittent security/manager/ssl/tests/unit/test_ocsp_caching.js | - Actual and expected connection result should match - 2153394070 == 0 Core Security: PSM nobody NEW --- 2022-10-11
1310840 Intermittent test_ocsp_no_hsts_upgrade.js | - Actual and expected connection result should match - 2153394070 == 0 Core Security: PSM nobody NEW --- 2022-10-11
1311377 [Tracking] SSL_ERROR_UNRECOGNIZED_NAME_ALERT related OCSP test intermittent failures Core Security: PSM nobody NEW --- 2022-10-11
1311753 audit PSM initialization for silent failures that may result in an unusable session Core Security: PSM nobody NEW --- 2022-10-11
1316070 improve RememberCertErrorsTable API and related machinery Core Security: PSM nobody NEW --- 2022-10-11
1316076 add_connection_test should modify "network.dns.localDomains" rather than clobbering it entirely Core Security: PSM nobody NEW --- 2022-10-11
1316293 pkcs11testmodule.cpp should ensure tokenPresent doesn't change in between calls to Test_C_GetSlotList() Core Security: PSM nobody NEW --- 2022-10-11
1317245 Require id-kp-serverAuth for all TLS end-entity certificates Core Security: PSM nobody NEW --- 2022-10-11
1321608 add more test coverage for nsIX509Cert.displayName (see bug 857627) Core Security: PSM nobody NEW --- 2022-10-11
1323141 tryLater OCSP response causes hard failure when stapled Core Security: PSM nobody NEW --- 2022-10-11
1330968 Make OneCRL name comparisons encoding agnostic Core Security: PSM nobody NEW --- 2022-10-11
1332734 ensure that the certificates for PSM xpcshell tests that verify certificates at a particular time are always valid for that time Core Security: PSM nobody NEW --- 2022-10-11
1338873 Revert const changes from bug 1335294 when practicable Core Security: PSM nobody NEW --- 2022-10-11
1341528 importCertsFromFile should return an array of certs Core Security: PSM nobody NEW --- 2022-10-11
1343806 Drop the flags parameters from nsISiteSecurityService functions and make the origin attributes parameters mandatory. Core Security: PSM nobody NEW --- 2022-10-11
1344164 Test that HSTS and HPKP preload works correctly under origin attributes isolation. Core Security: PSM nobody NEW --- 2023-03-02
1346861 Automatically regenerate CA RootHashes.inc Core Security: PSM nobody NEW --- 2022-10-11
1347872 nsISecretDecoderRing should have methods that handle binary as ArrayBuffers instead of JS strings Core Security: PSM nobody NEW --- 2022-10-11
1352263 add telemetry for how often certificates with an EV OID fail to validate as EV Core Security: PSM nobody NEW --- 2022-10-11
1355903 Re-enable Certificate Transparency telemetry collection Core Security: PSM nobody NEW --- 2024-06-11
1359647 add telemetry for how frequently users have non-default trust anchors Core Security: PSM nobody NEW --- 2022-10-11
1360615 make it harder to do the wrong thing with CTLogOperatorInfo.id Core Security: PSM nobody NEW --- 2022-10-11
1361118 Constrain intermediates of the Firefox PKI to specific functions Core Security: PSM nobody NEW --- 2022-10-11
1361177 add more comprehensive certificate transparency integration tests Core Security: PSM nobody NEW --- 2022-10-15
1361759 Enable MSVC -Wall for security/manager/ssl/ Core Security: PSM nobody NEW --- 2022-10-11
1366582 Remove "Enable FIPS" button Core Security: PSM nobody NEW --- 2022-10-10
1367507 security.OCSP.require doesn't work when fetching OCSP only for EV Core Security: PSM nobody NEW --- 2022-10-11
1368104 Use [infallible] more in PSM IDL files Core Security: PSM nobody NEW --- 2022-10-11
1370834 Initializing NSS requires too much IO Core Security: PSM nobody NEW --- 2023-12-11
1372418 initializing EC keys for certificate transparency can fail if the profile is in FIPS mode (and maybe the sql db?) Core Security: PSM nobody NEW --- 2022-10-11
1383279 Don't enter FIPS Mode unless NSS is more likely FIPS-compliant Core Security: PSM nobody NEW --- 2023-12-11
1387855 getHSTSPreloadList.js only adds but never removes domains Core Security: PSM nobody NEW --- 2023-03-02
1391062 don't offer to unload the NSS softoken or builtin roots module in the PKCS#11 device manager ("security devices") Core Security: PSM nobody NEW --- 2023-12-11
1416332 modifying psm xpcshell test certificates breaks local tests Core Security: PSM nobody NEW --- 2022-10-11
1425832 Using Services.prompt from pippki.js breaks browser_loadPKCS11Module_ui - should use PromptTestUtils Core Security: PSM nobody NEW --- 2024-01-26
1427717 Certificate Manager & related dialogs need tests Core Security: PSM nobody NEW --- 2022-10-11
1429800 [meta] Implement a CRLite based revocation mechanism Core Security: PSM nobody NEW --- 2024-06-07
1443554 show an error message when importing a certificate in the certificate manager fails Core Security: PSM nobody NEW --- 2022-10-11
1446382 Remove "tree" from the certificate manager Core Security: PSM nobody NEW --- 2022-10-11
1446385 Remove "tree" from the device manager Core Security: PSM nobody NEW --- 2022-10-11
1446645 nsISecretDecoderRing.logoutAndTeardown() should probably only terminate client-cert-authenticated connections Core Security: PSM nobody NEW --- 2022-10-11
1447011 Permit setting HSTS entries only on the host name or the eTLD+1 Core Security: PSM nobody NEW --- 2023-03-02
1447363 figure out why NSS resources leak at shutdown on android Core Security: PSM nobody NEW --- 2023-12-11
1448687 certificate linter: warn if the server certificate has invalid DNSNames/IPAddresses etc. Core Security: PSM nobody NEW --- 2022-10-11
1463865 [meta] Support OS-level secret-keeping Core Security: PSM nobody NEW --- 2024-03-21
1468223 [meta] No More Dialogs from C++ Core Security: PSM nobody NEW --- 2021-07-13
1468226 No More Dialogs from nsIX509CertDB Core Security: PSM nobody NEW --- 2022-10-11
1468227 No More Dialogs from ClientAuthDataRunnable (nsNSSIOLayer.cpp) Core Security: PSM nobody NEW --- 2022-10-11
1468228 No More Dialogs from PKCS#11 module pin unlock Core Security: PSM nobody NEW --- 2022-10-11
1468229 No More Dialogs from Setting PKCS#11 module pin Core Security: PSM nobody NEW --- 2022-10-11
1476864 nsPK11Token is main-thread only Core Security: PSM nobody NEW --- 2022-10-11
1477365 figure out some way to test the enterprise roots feature on OS X Core Security: PSM nobody NEW --- 2022-10-11
1478921 Implement OS key-store adapter for Android Core Security: PSM nobody NEW --- 2023-02-17
1484751 [meta] IPC PSM API for network process isolation Core Security: PSM nobody NEW --- 2022-10-11
1487282 Expunge some TLS-related prefs Core Security: PSM nobody NEW --- 2022-10-11
1490935 Security Devices list in Preferences shows 'Manufacturer', 'HW Version' and 'FW Version' rows twice in grid Core Security: PSM nobody NEW --- 2022-10-11
1494478 [meta] Add an API to re-authenticate the user with the operating system (OS) Core Security: PSM nobody NEW --- 2023-11-02
1510003 No visible failure report when importing PKCS12 cert into People tab in Certificate manager Core Security: PSM nobody NEW --- 2022-10-11
1513069 [meta] enterprise roots Core Security: PSM nobody NEW --- 2023-08-15
1535662 [meta] intermediate preloading tracking bug Core Security: PSM nobody NEW --- 2024-02-27
1540639 separate built-in roots from user-added or cached certificates in the certificate manager Core Security: PSM nobody NEW --- 2022-10-11
1540642 Verifying multiple signatures for the same x5u is not efficient Core Security: PSM nobody NEW --- 2022-10-11
1540645 Add Web IDL constructor for signature verifier Core Security: PSM nobody NEW --- 2022-10-11
1542028 add a getter for the raw bytes of something decoded by DER.jsm/X509.jsm Core Security: PSM nobody NEW --- 2022-10-11
1546675 Ship security settings JSON dumps on mobile? Core Security: PSM nobody NEW --- 2022-10-11
1555404 [meta] Support dynamic TLS cipher suites Core Security: PSM nobody NEW --- 2022-10-11
1557378 Investigate linking softokn/freebl/nss thingies directly into libxul or use readahead to make actual nss initialization cheaper Core Security: PSM nobody NEW --- 2023-12-11
1557934 certificate manager misleads users into thinking they can delete built-in roots Core Security: PSM nobody NEW --- 2022-10-11
1558329 master password dialog pops up when watching full screen video Core Security: PSM nobody NEW --- 2020-05-18
1562324 [meta] Use nsIOSKeystore for Passwords, Certificates, and Secrets Core Security: PSM nobody NEW --- 2024-01-16
1562325 Design mechanism to share / backup / restore profile secrets kept via nsIOSKeystore Core Security: PSM nobody NEW --- 2023-11-02
1562772 Show users that a Delegated Credential is in-use Core Security: PSM nobody NEW --- 2022-10-11
1566191 [meta] track not decoding certificate information in the content process(es) Core Security: PSM nobody NEW --- 2022-01-04
1585462 remove CERT_FindUserCertsByUsage from nss.symbols Core Security: PSM nobody NEW --- 2022-10-11
1586794 Turn on HTTP3 tests on all platforms Core Security: PSM nobody NEW --- 2024-01-25
1591269 [meta] osclientcerts tracking bug Core Security: PSM nobody NEW --- 2024-02-27
1591567 the certificate manager should find certificates asynchronously Core Security: PSM nobody NEW --- 2020-05-18
1599593 Ensure browser_certViewer.js can run with --verify and investigate related intermittent failures. Core Security: PSM nobody NEW --- 2022-10-11
1600449 Log a warning message when a site uses RSA-PKCS1-SHA1 signature scheme Core Security: PSM nobody NEW --- 2022-10-11
1601787 disable "delete" and "backup" buttons in certificate manager for client certificates that are not on the softoken Core Security: PSM nobody NEW --- 2024-05-24
1639914 SEC_ERROR_OCSP_SERVER_ERROR with most https websites when security.OCSP.require is set to true and a https .pac file is used Core Security: PSM nobody NEW --- 2020-06-28
1640038 Signature verifier throws NS_ERROR_ILLEGAL_VALUE if signature length is even Core Security: PSM nobody NEW --- 2022-10-11
1643748 return xpcom-ified NSS error codes from constructX509* Core Security: PSM nobody NEW --- 2023-12-11
1664048 [meta] track avoiding NSS types in PSM Core Security: PSM nobody NEW --- 2024-04-24
1679954 Use nsIX509CertDB.asyncGetCerts instead of blocking the main thread Core Security: PSM nobody NEW --- 2022-11-29
1680819 enable intermediate preloading on focus Core Security: PSM nobody NEW --- 2023-12-22
1689728 [tracking] use NSS only on the socket thread Core Security: PSM nobody NEW --- 2023-12-11
1691027 asyncHasThirdPartyRoots can cause authentication dialogs to appear at startup (from DoHHeuristics.jsm) Core Security: PSM nobody NEW --- 2022-10-14
1697849 Make nsPK11Token's APIs run asynchronously in the socket thread Core Security: PSM nobody NEW --- 2022-10-11
1705732 Incorrect tags are used when decoding issuerUniqueID and subjectUniqueID in X509.jsm Core Security: PSM nobody NEW --- 2021-04-19
1708397 Measure size of data received during TLS handshake Core Security: PSM nobody NEW --- 2021-06-10
1715443 pycert.py constructs certificate lifespans without accounting for RFC 5280 validity period inclusivity Core Security: PSM nobody NEW --- 2022-11-10
1718303 Use NSS only on socket thread in nsNSSCertificate Core Security: PSM nobody NEW --- 2023-12-11
1718304 Use NSS only on socket thread in nsNSSComponent Core Security: PSM nobody NEW --- 2023-12-11
1718305 Use NSS only on socket thread in nsNSSCertificateDB::ImportCertsIntoTempStorage/ImportCertsIntoPermanentStorage Core Security: PSM nobody NEW --- 2023-12-11
1718306 Use NSS only on socket thread in nsNSSCertificateDB::DeleteCertificate Core Security: PSM nobody NEW --- 2023-12-11
1718307 Use NSS only on socket thread in nsNSSCertificateDB::SetCertTrust Core Security: PSM nobody NEW --- 2023-12-11
1718308 Use NSS only on socket thread in nsNSSCertificateDB::AddCert Core Security: PSM nobody NEW --- 2023-12-11
1729554 8 autofill test failures skipped on apple silicon Core Security: PSM nobody NEW --- 2024-04-23
1729923 Shutdown crash in "NSS_Shutdown failed" after profiling a remote firefox Core Security: PSM nobody NEW --- 2023-12-11
1746467 update pinning metadata automation to be a bit more robust Core Security: PSM nobody NEW --- 2022-10-11
1769288 Add telemetry measuring time spent initializing NSS Core Security: PSM nobody NEW --- 2022-10-11
1772152 Ignore PKCS#7 Signatures on Addons when they aren't required. Core Security: PSM nobody NEW --- 2023-03-15
1774065 Automate removing entries for expired certificates from OneCRL Core Security: PSM nobody NEW --- 2022-10-11
1778337 Stored credit card number and associated data not filled in despite being offered to autofill Core Security: PSM nobody NEW --- 2024-06-04
1779651 use SmallVec<[u8; 17]> to store stash serials in cert_storage Core Security: PSM nobody NEW --- 2022-11-29
1800852 nsINSSComponent.ClearSSLExternalAndInternalSessionCache is racy with socket process Core Security: PSM nobody NEW --- 2024-04-23
1815770 Automate generation of certificates for test_signed_apps.js Core Security: PSM nobody NEW --- 2023-02-08
1816878 Add Prefs for Client Hello Permutation and GREASE Core Security: PSM nobody NEW --- 2023-08-28
1819954 [meta] Ensure HSTS works properly Core Security: PSM nobody NEW --- 2024-05-28
1834770 Startup Crash in [@ InitializeNSSWithFallbacks] Core Security: PSM nobody NEW --- 2024-01-28
1840056 Update python rsa package in third_party/python/rsa Core Security: PSM nobody NEW --- 2024-04-23
1846723 SecretDecoderRing (SDR) should use AES Core Security: PSM nobody NEW --- 2024-04-23
1849161 kod.ldora.cn - Firefox blocks sites after remembering the mTLS certificate setup Core Security: PSM nobody NEW --- 2023-09-21
1869269 Migrate TLS Telemetry to GLEAN Core Security: PSM nobody NEW --- 2024-05-13
1869537 The certificate manager dialog is also resized after resizing the certificate manager table column many times Core Security: PSM nobody NEW --- 2024-04-23
1873972 [meta] tracking TLS error page reduction work Core Security: PSM nobody NEW --- 2024-01-10
1874165 Primary password prompt appears when visiting ipv6-test.com or zomato.com despite no saved logins Core Security: PSM nobody NEW --- 2024-02-06
1880245 Unreported heap-unclassified memory for cert_storage::SecurityState::load_crlite_filter Core Security: PSM nobody NEW --- 2024-02-28
1880709 Remove Firefox Prefs for deprecated TLS Versions (1.0, 1.1). Core Security: PSM nobody NEW --- 2024-02-26
1895259 Crash in [@ shutdownhang | alloc::raw_vec::RawVec<T>::current_memory] Core Security: PSM nobody NEW --- 2024-06-10
1896181 Incorrect Handling of Key Usage Extension in SSL Certificates by Firefox Core Security: PSM nobody NEW --- 2024-05-10
1896997 Limit the size of secrets stored in OSKeyStore Core Security: PSM nobody NEW --- 2024-05-21
1527745 Implement OS re-authentication on Linux (Gnome Keyring) Core Security: PSM nobody NEW --- 2024-06-24
1736612 Provide infra which allows to query Cert Revocation Info within a given httpChannel Core Security: PSM nobody NEW --- 2022-02-18
1774485 Intermittent security/manager/ssl/tests/unit/test_cert_overrides.js | - Actual and expected connection result should match - 2152398868 == 2153394164 after xpcshell return code: 0 Core Security: PSM dkeeler NEW --- 2022-08-02
1585916 Intermittent security/manager/ssl/tests/unit/test_session_resumption.js | xpcshell return code: 0 | Actual and expected base path should match - "" == "ev-test"/"ev-test-intermediate" Core Security: PSM dothayer NEW --- 2022-10-11
1673969 Exempt non mozilla root certificates from OCSP stapling time limits (or relax these limits). Core Security: PSM emilio NEW --- 2024-04-23
1735832 Certificate Manager: Allow viewing the validity of an end entity certificate Core Security: PSM kaie NEW --- Mon 11:02
82903 [CertMgr] selecting multiple certs behavior needs polish Core Security: PSM nobody NEW --- 2022-10-10
106604 Disable all non-FIPS ciphersuites while in FIPS mode Core Security: PSM nobody NEW --- 2021-10-27
129301 Better support for Certs from multiple sources. Core Security: PSM nobody NEW --- 2022-10-10
166198 add certificate exception dialog uses web-specific terminology Core Security: PSM nobody NEW --- 2022-10-10
236461 Problems importing a PKCS #7 certificate set in Mozilla Core Security: PSM nobody NEW --- 2022-10-10
263212 NSS build fails when passed directories containing = Core Security: PSM nobody NEW --- 2023-12-11
269022 Edit CA trust dialog shows the name of certain certs to be the empty string Core Security: PSM nobody NEW --- 2022-10-10
353979 PSM smart card password prompt is unclear Core Security: PSM nobody NEW --- 2022-10-10
357595 Importing non-email certificates into the "people" tab succeeds with no apparent result Core Security: PSM nobody NEW --- 2022-10-10
401956 improve how certificate error exceptions are displayed in the certificate manager Core Security: PSM nobody NEW --- 2022-10-10
419887 PSM should use scoped/unique data types for buffers (rather than raw char*, etc.) Core Security: PSM nobody NEW --- 2022-10-10
435013 Cert error "sec_error_reused_issuer_and_serial" (e.g. for Linksys devices) cannot be overridden Core Security: PSM nobody NEW --- 2023-07-10
437690 PSM should call PK11_UnconfigurePKCS11 to avoid leak of strings Core Security: PSM nobody NEW --- 2022-10-10
446335 Add button to restore default root certificates Core Security: PSM nobody NEW --- 2022-10-10
459835 nsICryptoHash.updateFromStream doesn't like an zero length stream Core Security: PSM nobody NEW --- 2022-10-10
459971 Find a way to simulate Protected-Auth in Firefox, without hardware/software Core Security: PSM nobody NEW --- 2022-10-10
460987 Deleting user's cert also deletes corresponding private key Core Security: PSM nobody NEW --- 2022-10-10
471150 Installation of Personal Certificate Should Suggest Setting a Master Password Core Security: PSM nobody NEW --- 2022-10-10
488485 "CA Certificate already installed" prompt should have option to edit trust settings Core Security: PSM nobody NEW --- 2022-10-10
511652 Add a GUI option to toggle the "Friendly certs" option of NSS Core Security: PSM nobody NEW --- 2023-12-18
533442 Wrong and confusing description for Certification Authorities in the CA trust editing dialog Core Security: PSM nobody NEW --- 2022-10-10
552555 some nsIX509CertDB methods don't take a ctx for window parenting Core Security: PSM nobody NEW --- 2022-10-10
560922 Store certificates along with history Core Security: PSM nobody NEW --- 2022-10-10
643900 Enabling HSTS for a site doesn't force safe renegotiation to be required for the site Core Security: PSM nobody NEW --- 2023-03-02
644020 Client cert dialog should indicate whether cert will be sent in the clear or encrypted Core Security: PSM nobody NEW --- 2022-10-10
645389 indicate which server failed when encountering sec_error_ocsp_server_error errors Core Security: PSM nobody NEW --- 2022-10-10
648431 Do not read NSS secmod.db at startup unless the user actually customized his set of security modules Core Security: PSM nobody NEW --- 2023-12-11
657591 When using custom PKCS11 module, certificates on a smart card that have empty CKA_LABEL value are not shown in personal certificates list and are not usable. Core Security: PSM nobody NEW --- 2022-10-10
665859 Change default of security.ssl.treat_unsafe_negotiation_as_broken to true Core Security: PSM nobody NEW --- 2022-10-10
672293 Certificate Manager doesn't sort certificates correctly (problem with non-ascii chars) Core Security: PSM nobody NEW --- 2022-10-10
673706 Review uses of PK11_GenerateRandom on performance-critical threads (main thread, socket thread) to see if it blocks too long (e.g. by doing disk I/O) Core Security: PSM nobody NEW --- 2022-10-10
698984 There is no testing for correct display/calculation of EV (extended validation) status Core Security: PSM nobody NEW --- 2022-10-10
706955 Cleanup cert verification thread pool initiation and shutdown after bug 674147 landing Core Security: PSM nobody NEW --- 2024-02-27
719298 Stop exposing NSS certificate validation APIs from NSS when MOZ_FOLD_LIBS is set Core Security: PSM nobody NEW --- 2023-12-11
733716 Improve Certificate Manager, show explicit trust, work better with distrusted certificates Core Security: PSM nobody NEW --- 2024-04-26
812598 Entire SSL session cache is cleared when closing last private browsing window Core Security: PSM nobody NEW --- 2022-10-10
934699 nsProtectedAuthThread: inconsistent treatment of mSlot Core Security: PSM nobody NEW --- 2022-10-11
951437 hsts preload list: make error reporting more clear when we're keeping a site on the list that we can't connect to Core Security: PSM nobody NEW --- 2023-03-02
979055 figure out an efficient way to parametrize OCSP response properties in tests Core Security: PSM nobody NEW --- 2022-10-11
989833 Double-check calls to der::Nested()/der::End() in mozilla::pkix Core Security: PSM nobody NEW --- 2022-10-10
1024781 when creating a domain mismatch error string, check that the subject alt name dNSName entries are valid names Core Security: PSM nobody NEW --- 2022-10-11
1031093 Stop accepting explicit encoding of "version 1" in OCSP responses Core Security: PSM nobody NEW --- 2022-10-11
1048037 Add assertions for mozilla::pkix::Input and mozilla::pkix::Reader invariants Core Security: PSM nobody NEW --- 2022-10-10
1057109 Improve definition of MOZILLA_PKIX_ARRAY_LENGTH Core Security: PSM nobody NEW --- 2022-10-11
1089430 mozilla::pkix doesn't verify that an IPAddress name constraint is a valid subnet mask Core Security: PSM nobody NEW --- 2022-10-10
1114787 Implement CheckRFC822Name (S/MIME email address checking) Core Security: PSM nobody NEW --- 2022-10-10
1116625 poor interaction between "never remember history" and permanently saving certificate exceptions Core Security: PSM nobody NEW --- 2022-10-11
1121985 Add telemetry to measure name constraints violations Core Security: PSM nobody NEW --- 2022-10-11
1129077 Remove support for certificates that use the P-521 curve Core Security: PSM nobody NEW --- 2022-10-11
1129540 mozilla::pkix should provide a parser for the Authority Information Access (AIA) certificate construct Core Security: PSM nobody NEW --- 2022-10-11
1136338 CertManager: Make it less tedious to Delete/Distrust large numbers of entries Core Security: PSM nobody NEW --- 2022-10-11
1165987 use mozilla::pkix to extract data when gathering telemetry in SSLServerCertVerification.cpp Core Security: PSM nobody NEW --- 2022-10-11
1168603 hpkp implementation conflates user-installed CAs with pinning override Core Security: PSM nobody NEW --- 2022-10-11
1191998 nsISSLStatusProvider.SSLStatus.serverCert should contain the list of subject alternative names Core Security: PSM nobody NEW --- 2022-10-11
1244559 Intermittent e10s test_unsecureIframe2.html | application timed out after 330 seconds with no output Core Security: PSM nobody NEW --- 2022-10-11
1247326 PSM should check channelInfo.length on return Core Security: PSM nobody NEW --- 2022-10-11
1250696 .onion names contain their own validator, we should use that Core Security: PSM nobody NEW --- 2022-10-11
1251230 Disable FIPS button seems to work intermittently Core Security: PSM nobody NEW --- 2022-10-11
1270969 remove dbKey usage from nsCertOverrideService.cpp Core Security: PSM nobody NEW --- 2022-10-11
1273747 Clean up nsNTLMAuthModule Core Security: PSM nobody NEW --- 2022-10-11
1281037 HSTS cache eviction heuristic is suboptimal Core Security: PSM nobody NEW --- 2023-03-02
1303870 call SSL_ConfigServerSessionIDCache on-demand when TLSServerSocket is used Core Security: PSM nobody NEW --- 2022-10-11
1331861 SSSLog uses %ld to print int64_t Core Security: PSM nobody NEW --- 2022-10-11
1345454 [Regression] Description is not properly folded for some authorities in "Edit CA certificate trust settings", the height of the window is incorrect Core Security: PSM nobody NEW --- 2022-10-10
1369747 Audit Telemetry Probe CERT_VALIDATION_SUCCESS_BY_CA Core Security: PSM nobody NEW --- 2022-10-11
1491941 display imported 3rd party roots in some fashion Core Security: PSM nobody NEW --- 2022-10-11
1512476 Add search to the Certificates Manager Core Security: PSM nobody NEW --- 2022-10-11
1521034 [Ubuntu] "Add security exception" window bottom options are not displayed if size is decreased Core Security: PSM nobody NEW --- 2022-10-11
1528738 RFE: ability to bypass HSTS errors for power-users (about RFC section 12.1, No User Recourse) Core Security: PSM nobody NEW --- 2024-02-27
1569222 Change implementations of TLSServer.cpp to use new SSL_ConfigServerCert mechanism Core Security: PSM nobody NEW --- 2021-07-13
1583544 Clicking "Cancel"/"Reset" button on `chrome://pippki/content/resetpassword.xul` closes firefox Core Security: PSM nobody NEW --- 2020-05-18
1618382 Tor Browser: Disable self-signed certificate warnings when visiting .onion sites Core Security: PSM nobody NEW --- 2022-10-11
1625140 Add security exception dialog should not follow redirects Core Security: PSM nobody NEW --- 2022-05-12
1653693 Switch to async document.l10n APIs in changepassword.js and resetpassword.js Core Security: PSM nobody NEW --- 2022-10-11
1760019 Migrate pipnss.properties to Fluent Core Security: PSM nobody NEW --- 2022-11-23
1812037 Allow decision to use enterprise roots per domain Core Security: PSM nobody NEW --- 2023-01-27
1833337 MOZILLA_PKIX_ERROR_REQUIRED_TLS_FEATURE_MISSING - please allow a bypass of the error Core Security: PSM nobody NEW --- 2024-04-23
1850248 Sites with invalid ECH records receive uninformative errors Core Security: PSM nobody NEW --- 2023-10-24
1878549 Importing certificates does not work in some situations Core Security: PSM nobody NEW --- 2024-02-09
1892507 pkcs11.txt includes the absolute path of the profile directory Core Security: PSM nobody NEW --- 2024-06-26
1893234 Certificate viewer incorrectly displays malformed subject key identifier extension Core Security: PSM nobody NEW --- 2024-04-25
1902877 Intermittent security/manager/ssl/tests/mochitest/browser/browser_HSTS.js | single tracking bug Core Security: PSM nobody NEW --- 2024-06-17
1680089 firefox should potentially clear remembered client authentication decisions upon signing failures Core Security: PSM nobody NEW --- 2021-09-27
1824813 Remove fluent hacks from security/manager/pki/resources/content/exceptionDialog.js Core Security: PSM nobody NEW --- 2023-03-27
1863768 Modify EV Processing of OCSP/CRL extensions Core Security: PSM nobody NEW --- 2024-05-15
1816499 [meta] Integrate NSS releases into Firefox Core Security: PSM ckerschb ASSI --- Thu 11:32
1899431 Use SSL_PeerCertificateChainDER Core Security: PSM jschanck ASSI --- 2024-05-28
458161 "Failed to restore the PKCS #12 file for unknown reason" is bad error message Core Security: PSM eliotj12 ASSI --- 2024-01-21
1484464 expose security error codes (like bad certificate details) as named constants in nsINSSErrorsService Core Security: PSM mkmelin+mozilla ASSI --- 2022-07-25
1900619 Firefox should use modern algorithms in PKCS#12 files by default Core Security: PSM kaie ASSI --- 2024-06-04
445866 Master Password prompt dialog appearing in wrong place on screen Core Security: PSM nobody REOP --- 2022-10-10
997106 follow same-origin redirects when testing HSTS preload list candidate hosts Core Security: PSM nobody REOP --- 2023-03-02
1077954 the "Add Security Exception" dialog is not robust against unexpected input Core Security: PSM nobody REOP --- 2022-10-10
1183716 Client SSL certificate dialog always checks "Remember this decision" Core Security: PSM nobody REOP --- 2022-10-11
1229014 PSM UI (certificate manager, etc.) does a poor job handling certificates with serial numbers over 20 bytes Core Security: PSM nobody REOP --- 2022-10-11
1429799 Modify BlocklistsClients to allow certificate preload and whitelist state to be stored in users' profiles Core Security: PSM nobody REOP --- 2022-10-11
1441178 investigate "broken encryption" flag getting set when it shouldn't (or just remove it) Core Security: PSM nobody REOP --- 2022-10-11
1500532 Please expose TLS session ticket lifetime in about:config Core Security: PSM nobody REOP --- 2022-10-11
1699882 asynchronously search for client certificates Core Security: PSM nobody REOP --- 2022-06-30
1722306 osclientcerts: RSA-PSS detection for macOS Core Security: PSM nobody REOP --- 2022-11-29
1789458 Assertion failure: success (Transport Security Getters should not fail.), at security/manager/ssl/nsNSSIOLayer.cpp:1220 Core Security: PSM nobody REOP --- 2023-09-12
350612 client auth cert selection dialog should show URL requesting it Core Security: PSM nobody REOP --- 2022-10-10
585352 Certificate Manager misleads users into thinking that they can distrust CAs and/or intermediates Core Security: PSM nobody REOP --- 2022-10-17
1391703 Introduce common JSM for security/manager/tools/ scripts Core Security: PSM nobody REOP --- 2022-06-13
1418451 Feature Request: Change how "Verified by:" value is obtained for SSL Certs in Firefox Core Security: PSM nobody REOP --- 2021-07-13
1701658 Firefox crash when load a PKCS#11 Module which use std::regex_search Core Security: PSM nobody REOP --- 2022-10-07
1839376 Intermittent security/manager/ssl/tests/unit/test_sss_sanitizeOnShutdown.js | single tracking bug Core Security: PSM nobody REOP --- 2024-06-16
1850515 Intermittent security/manager/ssl/tests/mochitest/browser/browser_clientAuth_connection.js | single tracking bug Core Security: PSM nobody REOP --- Mon 00:21
1855176 Intermittent security/manager/ssl/tests/mochitest/browser/browser_clientAuthRememberService.js | single tracking bug Core Security: PSM nobody REOP --- 2024-06-23
1882929 Intermittent TEST-UNEXPECTED-TIMEOUT security/manager/ssl/tests/unit/test_oskeystore.js | single tracking bug Core Security: PSM nobody REOP --- 2024-06-23
1893960 Intermittent [tier 2] security/manager/ssl/tests/mochitest/mixedcontent/test_unsecureRedirect.html (finished) | single tracking bug Core Security: PSM nobody REOP --- 2024-06-16
1102632 Remove SSL_ERROR_UNSUPPORTED_VERSION from insecure-fallback-enabled error code list Core Security: PSM VYV03354 REOP --- 2022-10-11
487 bugs found.
REST | CSV | Feed | iCalendar
Change Columns 		Edit Search
as

File a new bug in the "Core" product