GNOME Bugzilla – Bug 605773
SSL verification failure dialog box is not clear
Last modified: 2011-11-14 10:01:04 UTC
When checking my email, I received this message:

Evolution Warning

SSL Certificate check for imap.example.com:

Issuer: serialNumber=88888888,CN=Go Daddy Secure Certification Authority,OU=http://certificates.godaddy.com/repository,O="GoDaddy.com, Inc.",L=Scottsdale,ST=Arizona,C=US
Subject: CN=*.example.com,OU=Domain Control Validated,O=*.example.com
Fingerprint: ec:cf:43:7f:87:84:f0:63:ec:b4:5d:60:e5:7e:6b:23
Signature: BAD

Do you wish to accept?

[Cancel] [Ok]

There are several problems with this dialog:

* It is only a warning and not a hard error
* It does not tell me that the check actually failed
* It does not tell me why the check failed
* It allows me to press Ok to ignore the failure, resulting in my password being transmitted unprotected!

What should happen is that this should be treated like any other network failure such as an error in resolving the server name, or in connecting to the server's address. As such, there should be no way for me to go against the wishes of the IT department and connect anyway.
Oh, and pressing Cancel results in the dialog being re-displayed. Forever. There is no way to end this cycle except by exiting Evolution! This makes it impossible for a user to do anything other than accept the insecure connection.
Looks like this corresponds with upgrading NSS from 3.12.4 to 3.12.5.
It appears that pressing Ok adds a permanent exception for the certificate! This is definitely not made clear by the user interface. If anything, the Ok button should only add a temporary exception until evolution is restarted.
(In reply to comment #3)
> If anything, the Ok
> button should only add a temporary exception until evolution is restarted.

That would (1) be really annoying and (2) train users to always click OK without checking the fingerprint, which would decrease security. See bug 205325 comment 14.
Then the consequences of pressing Ok should be very clearly spelled out in the dialog box, and the button should be renamed to 'permanently accept this certificate'. IME, users will blindly click Ok without reading the dialog box anyway.

As a sysadmin, I don't want my users to have this option; I want validation failure to be treated as a hard error (as a DNS lookup failure, or connection failure) and I want to investigate it myself. There should be no easy one-click way to work around the certificate validation process; therefore, the dialog box should be eliminated entirely.

Users who want to use a self-signed certificate should import their certificate file via the certificate manager. They are already doing something that elevates them into the realm of computer expert. Their convenience should not come before the security of the majority of regular users.
Thanks for the bug report. This particular bug has already been reported into our bug tracking system, but please feel free to report any further bugs you find.

*** This bug has been marked as a duplicate of bug 440316 ***