Ideas conceived and documents produced in August 2009
Documents published in March 2010
Improved SSL Client Authentication for Mozilla applications
(includes a generic design of reporting and controlling properties of an SSL connection)
The SSL client authentication mechanisms in Mozilla are insufficient.
The motivation of this document is to design a solution that works with SSL connections in any Mozilla application, including (but not limited to) Firefox.
Here is a visual mockup (doesn't use good icons yet, but you should get the general idea).
Generic reporting and exception configuration for bad SSL server certificates
The error page reporting and exception creating mechanism for bad SSL server certificates introduced in Firefox 3.x is insufficient for other Mozilla applications like Thunderbird.
The motivation of this document is to extend the existing solution (used by Firefox) in a way that works with SSL connections in any Mozilla application.
Important: The second document (serverauth) is based on ideas described in the first (clientauth) document.