Ubuntu
firefox-3.0 package

CA-13 and other DOD SSL certificates

Bug #405017 reported by whitis
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
firefox-3.0 (Ubuntu)
New
Undecided
Unassigned

Bug Description

Binary package hint: firefox-3.0

Firefox needs to ship with CA-13 and other DOD SSL certificates installed. These are widely used on army/DOD websites which often use SSL even when it is entirely unnecessary.

It is problematic for the user to even install them manually, as they are not provided separately but as a windows executable:
https://www.dodpke.com/InstallRoot/files/InstallRoot_v3.12A.zip

Upstream: 6 clicks to deal with a self-signed, military, or other unknown certificate is extremely unreasonable.

Here are some websites that will trigger the bug; they are also specifically related to finding the missing certificates.
https://help.us.army.mil/cgi-bin/akohd.cfg/php/enduser/std_adp.php?p_faqid=50
https://www.dodpke.com/InstallRoot
https://www.us.army.mil/suite/page/474113

There is a lot of public domain info on military sites.

Note: importing the four files on this page appears to include CA-13 and others but not all 73 certificates included in the executable file above.
http://dodpki.c3pki.chamb.disa.mil/rootca.html

ProblemType: Bug
Architecture: amd64
DistroRelease: Ubuntu 9.04
NonfreeKernelModules: nvidia
Package: firefox 3.0.12+build1+nobinonly-0ubuntu0.9.04.1
PackageArchitecture: all
ProcEnviron:
 PATH=(custom, user)
 LANG=en_US.UTF-8
 SHELL=/bin/bash
SourcePackage: firefox-3.0
Uname: Linux 2.6.28-11-generic x86_64

Revision history for this message
whitis (whitis) wrote :
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.