Re: Expired certificates in the Builtin Object Token
On 25/01/2018 13:41, Andrey Shcheglov wrote: > I see a number of expired certificates under Builtin Object Token > (vanilla SeaMonkey 2.46 and 2.49.1, fresh user profile): > > https://habrastorage.org/webt/5d/ay/ch/5daychmswvrkawglzjk68bp7vfa.png > > If I delete those, they reappear under the "Others" tab: > > https://habrastorage.org/webt/xa/2q/is/xa2qisg6arve5xwmc6tmpcmwrqw.png > > The certificates are expired (expiration year is 2014, below is an > example for https://addons.mozilla.org): > > https://habrastorage.org/webt/5f/ry/ox/5fryoxyqavfrl6hcibhnsbzjxuw.png > > They, naturally, differ from their effective counterparts of the said > web sites: > > https://habrastorage.org/webt/rs/rq/we/rsrqwev0r-wnaujxrpacyf-s0s4.png > > What's the need for those? These are all "fake" certificates, dating back to 2011, wrongly issued by Comodo. https://www.wired.com/2011/03/comodo-compromise/ https://en.wikipedia.org/wiki/Comodo_Group#Certificate_hacking In SM, I think they store the fact that they should NOT be trusted. However, since they are now expired, I'm not sure they are needed anymore; or maybe it is to flag the use of the fake certs. Maybe a cert specialist can explain that better :-) Regards. ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Expired certificates in the Builtin Object Token
Thanks Lee. Regards, Andrey. ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Expired certificates in the Builtin Object Token
On 1/25/18, Andrey ``Bass'' Shcheglov wrote: > Hello, > > I see a number of expired certificates under Builtin Object Token > (vanilla SeaMonkey 2.46 and 2.49.1, fresh user profile): > > https://habrastorage.org/webt/5d/ay/ch/5daychmswvrkawglzjk68bp7vfa.png > > If I delete those, they reappear under the "Others" tab: > > https://habrastorage.org/webt/xa/2q/is/xa2qisg6arve5xwmc6tmpcmwrqw.png > > The certificates are expired (expiration year is 2014, below is an > example for https://addons.mozilla.org): > > https://habrastorage.org/webt/5f/ry/ox/5fryoxyqavfrl6hcibhnsbzjxuw.png > > They, naturally, differ from their effective counterparts of the said > web sites: > > https://habrastorage.org/webt/rs/rq/we/rsrqwev0r-wnaujxrpacyf-s0s4.png > > What's the need for those? https://askubuntu.com/questions/497923/fake-usertrust-com-certificates-in-chrome which links to https://www.eff.org/deeplinks/2011/03/iranian-hackers-obtain-fraudulent-https March 23, 2011 On March 15th, an HTTPS/TLS Certificate Authority (CA) was tricked into issuing fraudulent certificates that posed a dire risk to Internet security. As to why they're marked as expired - maybe to make sure those certs can't be used even if your clock is off by years? i dunno... Regards, Lee ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Expired certificates in the Builtin Object Token
Hello, I see a number of expired certificates under Builtin Object Token (vanilla SeaMonkey 2.46 and 2.49.1, fresh user profile): https://habrastorage.org/webt/5d/ay/ch/5daychmswvrkawglzjk68bp7vfa.png If I delete those, they reappear under the "Others" tab: https://habrastorage.org/webt/xa/2q/is/xa2qisg6arve5xwmc6tmpcmwrqw.png The certificates are expired (expiration year is 2014, below is an example for https://addons.mozilla.org): https://habrastorage.org/webt/5f/ry/ox/5fryoxyqavfrl6hcibhnsbzjxuw.png They, naturally, differ from their effective counterparts of the said web sites: https://habrastorage.org/webt/rs/rq/we/rsrqwev0r-wnaujxrpacyf-s0s4.png What's the need for those? Regards, Andrey. ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey