GNOME Bugzilla – Bug 734226
Spurious certificate dialogs
Last modified: 2014-12-01 11:59:48 UTC
Created attachment 282433 [details] screenshot During this GUADEC, I was connecting to several wifi hotspots. When I connected to the network, I was greeted by several dialogs warning me about certificates for each of my online accounts (screenshot attached). These dialogs were an unwelcome interruption. They were also confusing, and I didn't know how to deal with them.
In this case a wifi hotspot was actively hacking your connection and trying to get you to bypass the privacy you have configured. We should *never* have Evolution prompt to bypass a certificate like this. It causes the user to completely deconfigure their privacy without a thought towards the consequences. If you're interested in more reasoning, I gave a talk about this at GUADEC last year: http://www.superlectures.com/guadec2013/more-secure-with-less-security More generally, IMO, we should not be prompting for anything from the background process of EDS and interupting the user's workflow. * Passwords should be prompted via the Evolution account configuration or (if the user refuses to save their password) from an application popup when the user clicks on the "Send/Receive" button * Non-standard CA certificates should be configured in the account configuration right next to other non-standard options such as alternate port numbers.
Seems related to bug 694322.
Adding this bug to the target list for GNOME 3.16. See desktop-devel-list for more discussion about this.
Created attachment 291577 [details] rejected certificate This certificate *is* valid, but somehow is rejected by Evolution.
(In reply to comment #4) > Created an attachment (id=291577) [details] > rejected certificate > > This certificate *is* valid, but somehow is rejected by Evolution. Please open a separate bug report about this, thanks!
(In reply to comment #0) > Created an attachment (id=282433) [details] > screenshot Where does the bottom "Untrusted connection" dialog come from, please? It's definitely not from evolution*. (In reply to comment #1) > * Passwords should be prompted via the Evolution account configuration or > (if the user refuses to save their password) from an application popup > when the user clicks on the "Send/Receive" button I agree (mostly, just with a little difference on the circumstances when the password should be asked. Bug #688434 or bug #728496. Not so simple currently. I have something on mind, but it's still evolving. > * Non-standard CA certificates should be configured in the account > configuration right next to other non-standard options such as alternate > port numbers. Maybe, just there is no server certificate available when creating the account. Should the account just stop working when the server changes it, or when the connection plays a man-in-the-middle? Note that having this covered in Evolution is not enough, these certificate prompts are ("newly") shown for calendar and address book sources as well, thus such thing might be covered by any application which uses eds as its data store/provider. That makes it quite the same to the password part. (In reply to comment #2) > Seems related to bug 694322. This is a duplicate of it from my point of view, thus I'm marking it as such. *** This bug has been marked as a duplicate of bug 694322 ***
(In reply to comment #6) > Maybe, just there is no server certificate available when creating the account. > Should the account just stop working when the server changes it, Yes, if and only if the user manually selected a certificate to be expected of the server. > or when the > connection plays a man-in-the-middle? Yes, if the received certificate is untrusted, then the connection should hard fail. >Note that having this covered in > Evolution is not enough, these certificate prompts are ("newly") shown for > calendar and address book sources as well, thus such thing might be covered by > any application which uses eds as its data store/provider. That makes it quite > the same to the password part. Whether the error is handled by eds or by applications doesn't matter much to us, as long as dialogs never appear out of nowhere. One way for eds to handle these would be to use desktop notifications; those would be fine. (In reply to comment #6) > Where does the bottom "Untrusted connection" dialog come from, please? It's > definitely not from evolution*. I would guess that's coming from Empathy or Telepathy. It indeed doesn't look like an Evolution problem.
(In reply to comment #6) > (In reply to comment #0) > > Created an attachment (id=282433) [details] [details] > > screenshot > > Where does the bottom "Untrusted connection" dialog come from, please? It's > definitely not from evolution*. I thought they were both from the same source, and I'm unable to reproduce right now. :/