Bugs filed for Firefox Certificate viewer on not strict enough parsing of invalid certificates #425

@mb

Hi, someone filed quite a few bugs in Firefox about the Firefox Certificate viewer accepting invalid certificates (bug list).

Firefox Certificate viewer uses PKI.js to parse the certificates, and I was wondering if you are interested in me filing bugs here for each case that was found, or if summarizing them here in this issue would be good too, and whether it is in scope of PKI.js to fix these discrepancies.

For example Bug 1870340:

For the DER-encoded digital certificates, if you want to represent 'Subject Type=CA' in the Basic Constraints, the correct content for the corresponding TLV structure should be '01 01 ff'. However, in our mutated certificate, we have mutated the '01 01 ff' node to '01 01 49'. But Firefox still interprets this incorrect data as 'Subject Type=CA', and it is unable to identify this data as incorrect.

Is there interest in filing bugs for these cases here? If so, how do you prefer me to move the reports here?
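
The discrepancy in the Bug 1870340 example, as an added illustration that is not part of the original post and is not PKI.js or Firefox code: a small decoder for the BasicConstraints value that accepts any non-zero BOOLEAN octet in lenient (BER) mode and rejects it in strict (DER) mode. The function names and the sample byte arrays are constructed for this example.

```javascript
// Added example. Decodes a BasicConstraints extension value:
//   SEQUENCE { cA BOOLEAN DEFAULT FALSE, pathLenConstraint INTEGER OPTIONAL }
// Sketch limits: short-form lengths only, pathLen restricted to one octet.
function readTlv(buf, off) {
  if (off + 2 > buf.length) throw new Error("truncated TLV header");
  const tag = buf[off], len = buf[off + 1];
  if (len & 0x80) throw new Error("long-form length not supported here");
  const end = off + 2 + len;
  if (end > buf.length) throw new Error("TLV value overruns buffer");
  return { tag, value: buf.subarray(off + 2, end), next: end };
}

function parseBasicConstraints(bytes, strict) {
  const buf = Uint8Array.from(bytes);
  const seq = readTlv(buf, 0);
  if (seq.tag !== 0x30) throw new Error("expected SEQUENCE");
  if (seq.next !== buf.length) throw new Error("trailing bytes");
  const body = seq.value;
  let off = 0, cA = false, pathLen = null;
  if (off < body.length && body[off] === 0x01) { // BOOLEAN
    const b = readTlv(body, off);
    if (b.value.length !== 1) throw new Error("BOOLEAN must be one octet");
    const v = b.value[0];
    // DER allows only 0xFF for TRUE; BER accepts any non-zero octet.
    if (strict && v !== 0x00 && v !== 0xff)
      throw new Error("non-DER BOOLEAN 0x" + v.toString(16));
    // DER also forbids encoding a value equal to the DEFAULT (FALSE).
    if (strict && v === 0x00) throw new Error("explicit DEFAULT FALSE");
    cA = v !== 0x00;
    off = b.next;
  }
  if (off < body.length && body[off] === 0x02) { // INTEGER
    const i = readTlv(body, off);
    if (i.value.length !== 1 || (i.value[0] & 0x80))
      throw new Error("pathLen outside sketch range");
    pathLen = i.value[0];
    off = i.next;
  }
  if (off !== body.length) throw new Error("unexpected element");
  return { cA, pathLen };
}

// Constructed inputs: the valid encoding and the mutated one from the report.
const VALID = [0x30, 0x03, 0x01, 0x01, 0xff];
const MUTATED = [0x30, 0x03, 0x01, 0x01, 0x49];
function strictError(bytes) {
  try { parseBasicConstraints(bytes, true); return null; }
  catch (e) { return e.message; }
}
```

In lenient mode the mutated bytes decode to `cA: true`, matching the behaviour the report describes; in strict mode the same bytes are rejected before any value is returned.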