[Webkit-unassigned] [Bug 105701] New: Safari 6.02 cannot determine state of certificate chain with an untrusted root
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Sun Dec 23 18:41:16 PST 2012
https://bugs.webkit.org/show_bug.cgi?id=105701
Summary: Safari 6.02 cannot determine state of certificate
chain with an untrusted root
Product: WebKit
Version: 525.x (Safari 3.2)
Platform: Other
OS/Version: Mac OS X 10.8
Status: UNCONFIRMED
Severity: Major
Priority: P2
Component: New Bugs
AssignedTo: webkit-unassigned at lists.webkit.org
ReportedBy: noloader at gmail.com
This applies to a late 2012 MacBook Pro running OS X 10.8.x (fully patched):
$ uname -a
Darwin riemann.home.pvt 12.2.0 Darwin Kernel Version 12.2.0: Sat Aug 25 00:48:52 PDT 2012; root:xnu-2050.18.24~1/RELEASE_X86_64 x86_64
Safari version is 6.0.2 (8536.26.17). I don't see how to get the underlying version of WebKit.
When I revoked trust on some Valicert certificates, I had problems visiting OWASP. Unfortunately, Safari did not display Valicert in the chain, and Safari displayed the chain as good even though it prompted me that "Safari cannot determine the identity of the site www.owasp.org.
A full description with screen captures (including a truncated OpenSSL s_client fetch) is available at http://serverfault.com/questions/460527/apple-valicert-godaddy-safari-webkit-and-certificate-trust.
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list