Enhancing SSL authentication support in Mozilla applications

Author:
Kai Engert
kaie@redhat.com
Ideas conceived and documents produced in August 2009
Documents published in March 2010

Improved SSL Client Auth

Abstract:

Improved SSL Client Authentication for Mozilla applications
(includes a generic design of reporting and controlling properties of an SSL connection)

The SSL client authentication mechanisms in Mozilla are insufficient.

The motivation of this document is to design a solution that works with SSL connections in any Mozilla application, including (but not limited to) Firefox.

Download ssl-clientauth-ff4-v1.00-20090902.pdf

Here is a visual mockup (doesn't use good icons yet, but you should get the general idea).

Generic solution for bad SSL server certificates

Abstract:

Generic reporting and exception configuration for bad SSL server certificates

The error page reporting and exception creating mechanism for bad SSL server certificates introduced in Firefox 3.x is insufficient for other Mozilla applications like Thunderbird.

The motivation of this document is to extend the existing solution (used by Firefox) in a way that works with SSL connections in any Mozilla application.

Download ssl-serverauth-ff4-v1.00-20090902.pdf

Important: The second document (serverauth) is based on ideas described in the first (clientauth) document.