NoOp wrote:
On 12/06/2011 11:34 AM, Justin Wood (Callek) wrote:
Desiree wrote:
I have all Comodo related certs untrusted in all browsers since December
2008. I want to be alerted each time I go to a secure site that uses
Comodo. I will then decide on a per site, one time only, exception basis if
I wish to allow the exception or not.
SM 2.5 has NO way to allow me to accept a Comodo cert used at Amazon.com
when logging in there. The cert is for "images-na.ssl-images-amazon.com". I
get an untrusted cert popup but all I can do is examine the cert. I cannot
accept it. That means that I do get logged in because the main cert for
Amazon is from Verisign and I have not disabled Verisign certs. But, because
I cannot accept the Comodo cert on a one time basis, I have no images at
Amazon after logging in.
I have not tried other secure sites that use Comodo related certs with SM
2.5 but I would assume that I will not be able to use ANY of those sites
with SM because there is no way to make a one time or permanent exception.
Is this a known bug?
Comodo has had issues and is explicitly blocked, if Amazon-na is using
them, you should contact amazon about the issue. This issue exists in
all current and updated webbrowsers.
Are they? If so how?
...
I would think if they were blocked, they would have a entry similar to
diginotar:
Actual from refreshing my memory the Comodo CA only had specific cert
serials blocked. And I don't *think* amazon was one of them.
The blocking here was done in a different way to diginotar.
That said, loading
https://images-na.ssl-images-amazon.com/
Is showing as properly secure, and accepted for me in SM2.6b2. Even
though I get "Forbidden" for the root load there.
--
~Justin Wood (Callek)
_______________________________________________
support-seamonkey mailing list
[email protected]
https://lists.mozilla.org/listinfo/support-seamonkey
