[Webkit-unassigned] [Bug 105701] New: Safari 6.02 cannot determine state of certificate chain with an untrusted root

Sun Dec 23 18:41:16 PST 2012

https://bugs.webkit.org/show_bug.cgi?id=105701

           Summary: Safari 6.02 cannot determine state of certificate
                    chain with an untrusted root
           Product: WebKit
           Version: 525.x (Safari 3.2)
          Platform: Other
        OS/Version: Mac OS X 10.8
            Status: UNCONFIRMED
          Severity: Major
          Priority: P2
         Component: New Bugs
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: noloader at gmail.com

This applies to a late 2012 MacBook Pro running OS X 10.8.x (fully patched):

$ uname -a
Darwin riemann.home.pvt 12.2.0 Darwin Kernel Version 12.2.0: Sat Aug 25 00:48:52 PDT 2012; root:xnu-2050.18.24~1/RELEASE_X86_64 x86_64

Safari version is 6.0.2 (8536.26.17). I don't see how to get the underlying version of WebKit.

When I revoked trust on some Valicert certificates, I had problems visiting OWASP. Unfortunately, Safari did not display Valicert in the chain, and Safari displayed the chain as good even though it prompted me that "Safari cannot determine the identity of the site www.owasp.org.

A full description with screen captures (including a truncated OpenSSL s_client fetch) is available at http://serverfault.com/questions/460527/apple-valicert-godaddy-safari-webkit-and-certificate-trust.

-- 
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.