SecurityEngineering/mozpkix-testing: Difference between revisions

Line 44: Line 44:
* NSS Classic Verification: https://mxr.mozilla.org/mozilla-central/source/security/nss/lib/certhigh/
* NSS Classic Verification: https://mxr.mozilla.org/mozilla-central/source/security/nss/lib/certhigh/
* NSS LibPKIX Verification: https://mxr.mozilla.org/mozilla-central/source/security/nss/lib/libpkix/
* NSS LibPKIX Verification: https://mxr.mozilla.org/mozilla-central/source/security/nss/lib/libpkix/
== What To Look For ==
We are especially interested in finding errors that cause the following to happen:
# SSL connections succeed when they should fail, and they did fail in previous releases.
# EV treatment is given when it should not be given, and was not being given in previous releases.
# An SSL connection fails when it should have succeeded.
# EV treatment is not given when it should be.
# An SSL connection gives a different error than expected.
# SSL connections succeed when they should fail, and they did not fail in previous releases. Note that this could be due to not enforcing certain standards, and may be a policy decision.
# EV treatment is given when it should not be given and was being given in previous releases. Note that this could be due to not enforcing certain standards, and may be a policy decision.
# Code Signing certificates do not work as expected.


== Mozilla::pkix Bug list ==
== Mozilla::pkix Bug list ==
Confirmed users, Administrators
5,526

edits