PSM:Topics
PSM is a code module in the Mozilla platform. Formerly PSM meant "personal security manager", because it was implemented as a separate program. Things have changed long ago, the code is now an internal code module. Encryption technologies (such as SSL and PKI in general) have become a mandatory part of the Mozilla applications.
The PSM acronym may also be described as "Platform Security Module".
(As a reminder, PSM is internal glue code that connects the Mozilla platform code to the external NSS libraries. It's NSS that contains the general purpose implementations for core security protocols, algorithms and much more.
This page lists areas related to PSM code that are not (yet) solved sufficiently.
Tags listed in [] brackets can be found in the status whiteboard of related bugs at bugzilla.mozilla.org
Grouped by importance
New unconfirmed bug reports
We have lots of new incoming bug reports which have not yet been triaged.
Any help to reduce the queue is welcome!
Fatal issues like crashes, deadlocks, dataloss
We have bugs that may cause fatal misoperation, crashes, deadlocks or dataloss.
[ psm-fatal ]
[ psm-cve ]
Roadblocks
Some bugs make it very difficult very users to use the PSM features, and frustrate users, and may have the effect that people want to avoid security features.
[ psm-roadblock ]
Multiple Master password prompts
This is quite annoying, multiple bugs tracked from meta bug 570421.
Architecture level tasks
This is where we need to design new base solutions and services that can later be used for functionality or simplified engineering.
[ psm-arch ]
Failing Builds or Failing Tests
[ psm-build ]
Minor issues and easy improvements
This is for issues that request to fix a typo, or keyboard shortcuts, etc., but doesn't affect correctness of functional behaviour. It also includes improvements which are rather simple to implement. We just need someone to help get it done.
[ psm-easy ]
Grouped by functional area
Improve SSL client authentication
This shall apply to all Mozilla applications, not limited to Firefox, but include email protocols etc.
See also
- http://kuix.de/mozilla/sslauth/
- http://kuix.de/mozilla/sslauth/cli-v1-pres/
- http://groups.google.com/group/mozilla.dev.tech.crypto/browse_thread/thread/fb6e52c772b7db42
- PSM:CertPrompt
[ psm-clientauth ]
Issues around the usability of Smartcards
PSM comes with a "software security device", which could be seen as a virtual smartcard, simulated using files stored in the user's directory. Certificates are accessed using the pkcs#11 interface. Physical smartcards can be used to provide similar functionality. This category is for issues where smartcards don't work right.
[ psm-smartcard ]
Padlock issues
PSM is responsible for producing the correct security state of a web page, which has historically been displayed using a padlock (solid, broken or absent), and which more recently is being shown using URL bar background colors, and confirmed site name or identity indicators to the left of the URL bar.
This section is for issues where the displayed state is different from the actual content.
[ psm-padlock ]
Certificate Management
Invalid duplicate certificates
The PKI related standard documents for X.509 certificates and certificate infrastructures require that all certificates issued in the world follow a simple rule: The pair of {issuer-certificate-subject-name, serial number} must always be unique.
The implementation of NSS assumes that the world is perfect and no such duplicates exist. Unfortunately, in the real world mistakes are being made, and such duplicates exist. When NSS experiences such duplicates, it will get confused, which may lead to unexpected behaviour. For example, a user's storage or cache of certificates may contain a certificate A, and visiting a website may involve another certificate B, which both have the same {issuer,serial} pair. It may be impossible to visit the website, and the user may not understand the cause (and the Mozilla application will not clearly report the cause). Resolving the situation might require erasing the local storage/cache or asking the website administrator to install a different certificate.
Error pages for invalid certificates
Confusion around inability to delete built-in root CA certificates
PSM's certificate manager has confusing UI related to deleting certificates. Root CA certificates that are bundled with the application can not be deleted, it's impossible. They can have their trust removed, which has the same effect. The user interface should be enhanced to make this easier to understand.
[ psm-cert-manager ]
Ability to search for certificates
The lists of certificates shown by certificate manager can be large. An ability to search for certificate (or filter the view) would be very helpful.
We recently got a code contribution that provided this ability. Unfortunately the code did introduce regressions and it was necessary to back it out (remove it).
We are looking for an contributor who would like to help us by improving the existing patch.
[ psm-cert-manager ]
Firefox allows experienced users to ignore certificate errors on a site-by-site choice. This category is for issues around this feature, be it inability to add exceptions, or allowing exceptions where it shouldn't be possible, or incorrect behaviour around exceptions.
There have been multiple proposals around restricting the powers of CA certificates, or catching mistakes made by CAs at the PSM level.
For example, a company's intranet root certificate could be limited to issuing certificates for sites within the company's own domain(s), or a government's CA could be restricted to issue certificates for the country's top level domain, only.
This could be implemented either in NSS or at the PSM level.
[ psm-ca-domains ]