Opened 8 years ago

Last modified 2 years ago

#2739 new defect

Clear Memory-Only Intermeditate Cert Store

Reported by: mikeperry Owned by: tbb-team
Priority: Medium Milestone:
Component: Applications/Tor Browser Version:
Severity: Normal Keywords: interview, tbb-torbutton, tbb-newnym
Cc: gk, lunar@… Actual Points:
Parent ID: #2877 Points:
Reviewer: Sponsor:

Description

The Intermediate Certificate store is not cleared by nsIDOMCrypto::logout() or our old ssl hack. We need to clear this, but we are probably blocked on this Firefox Bug: https://bugzilla.mozilla.org/show_bug.cgi?id=435159

Child Tickets

Change History (17)

comment:1 Changed 8 years ago by mikeperry

Component: TorbuttonTorBrowserButton

This should be part of #523 for TorBrowserButton. We should clear intermediate certs when the user requests a new identity.

comment:2 Changed 8 years ago by mikeperry

Parent ID: #2482#2877

comment:3 Changed 8 years ago by mikeperry

This may require more browser work. Either the above firefox bug, or a more direct way into NSS initialization via #2949.

comment:4 Changed 8 years ago by gk

Cc: g.koppen@… added

comment:5 Changed 8 years ago by lunar

Cc: lunar@… added

comment:6 Changed 8 years ago by mikeperry

Milestone: TorBrowserBundle 2.2.x-stable

comment:7 Changed 8 years ago by mikeperry

Priority: majornormal

comment:8 Changed 8 years ago by mikeperry

Cc: StrangeCharm added

comment:9 Changed 7 years ago by mikeperry

Milestone: TorBrowserBundle 2.2.x-stableTorBrowserBundle 2.3.x-stable

comment:10 Changed 7 years ago by mikeperry

Keywords: tbb-linkability added

This is a minor linkability issue.

comment:11 Changed 5 years ago by mikeperry

Keywords: interview added

comment:12 Changed 5 years ago by erinn

Component: TorBrowserButtonTor Browser
Keywords: tbb-torbutton added
Owner: changed from mikeperry to tbb-team

comment:13 Changed 3 years ago by gk

Cc: gk added; g.koppen@… removed
Keywords: tbb-newnym added; tbb-linkability removed
Severity: Normal

comment:14 Changed 3 years ago by StrangeCharm

Cc: StrangeCharm removed

comment:15 Changed 3 years ago by bugzilla

Milestone: TorBrowserBundle 2.3.x-stable

As Certificate Viewer in Page Info must request intermediate certificate again or show nothing, does it mean that Intermediate Certificate store becomes inaccessible for the second request shortly?

comment:16 in reply to:  3 Changed 2 years ago by cypherpunks

Summary: Clear Intermeditate Cert StoreClear Memory-Only Intermeditate Cert Store

Replying to mikeperry:

This may require more browser work. Either the above firefox bug, or a more direct way into NSS initialization via #2949.

OMG, it's an ancient bug, where "Clear" means clearing Cert Store on disk. But, as gk recycled it for current needs, thus, renaming...
FWIW, David Keeler resolved the above Firefox bug as a duplicate of his own https://bugzilla.mozilla.org/show_bug.cgi?id=1267861

comment:17 Changed 2 years ago by gk

We should recheck whether that is still a New Identity issue.

Note: See TracTickets for help on using tickets.