After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.
Bug 440316 - Improve SSL Certificate check bad signature dialog
Improve SSL Certificate check bad signature dialog
Status: RESOLVED FIXED
Product: evolution
Classification: Applications
Component: Mailer
2.8.x (obsolete)
Other All
: Normal minor
: ---
Assigned To: evolution-mail-maintainers
Evolution QA team
: 605773 666150 (view as bug list)
Depends on:
Blocks:
 
 
Reported: 2007-05-21 23:10 UTC by Chris Skalenda
Modified: 2012-04-05 12:36 UTC
See Also:
GNOME target: ---
GNOME version: 2.15/2.16

Attachments
Screenshot of the current dialog. (34.07 KB, image/png)
2007-05-21 23:11 UTC, Chris Skalenda 		  Details
eds patch (7.00 KB, patch)
2011-11-15 11:52 UTC, Milan Crha 		committed Details | Review
evo patch (5.36 KB, patch)
2011-11-15 11:54 UTC, Milan Crha 		committed Details | Review

Description Chris Skalenda 2007-05-21 23:10:43 UTC 
While checking my mail today, I was presented with a dialog containing some cryptic text, which asked me to accept....something. As-is, I don't think that this is a usable dialog, because no person who is not reasonably familiar with SSL will understand this dialog. Even as a developer myself, I'm not 100% sure what the issue is just from the dialog presented. Additionally, the options of OK and Cancel don't really make sense in this context. 

Suggestions:
Split the issue into 3 parts. 
1) Clearly state at the beginning what the problem is. "The SSL Certificate for mail.foo.org is bad." The idea is to summarize what the issue is in simple language (though having jargon like SSL and Certificate may be necessary).
2) Have a few (short) suggestions of what this could mean to the user, so that they know why they're clicking Accept or Reject or whatever and what their acceptance or rejectitude means to them.  
3) At the bottom, have a GtkExpander with "Details" that give the SSL cert mess that's currently in the dialog.




Other information:
Comment 1 Chris Skalenda 2007-05-21 23:11:31 UTC 
Created attachment 88570 [details]
Screenshot of the current dialog.
Comment 2 Milan Crha 2011-11-14 10:01:04 UTC 
*** Bug 605773 has been marked as a duplicate of this bug. ***
Comment 3 Milan Crha 2011-11-15 11:52:48 UTC 
Created attachment 201428 [details] [review]
eds patch

for evolution-data-server;

This changes API to be able to provide custom buttons into camel_session_alert_user(). I didn't increase Camel's API version, because it is already increased.

This also adds temporary trust level, which is relevant only till reload of the camel cert database.

Warning message text was also changed to:

     SSL Certificate for '%s' is not trusted. Do you wish to accept it?

     Detailed information about the certificate:
     ....

           [Reject] [Accept temporarily] [Accept permanently]

The thing is that the API allows only text messages, thus there cannot be added any active widget into the content area of the warning dialogue.

This also saves database whenever the bad certificate is encountered, to be sure that user's choice is saved properly.
Comment 4 Milan Crha 2011-11-15 11:54:14 UTC 
Created attachment 201429 [details] [review]
evo patch

for evolution;

To properly manage the changed API.
Comment 5 Milan Crha 2011-11-15 11:57:26 UTC 
Created commit 287ea88 in eds master (3.3.2+)
Created commit d03f8df in evo master (3.3.2+)
Comment 6 Milan Crha 2012-04-05 12:36:41 UTC 
*** Bug 666150 has been marked as a duplicate of this bug. ***