Thanks for the quick response. That makes perfect sense with the
currently not shown "I Understand the Risks" part of the "Untrusted
Connection" page, so that the user can't just click through and accept
an exception.
But couldn't there be at least an about:config parameter to override the
certificate issuer check with respect to the exceptions manually added
in the Certificate Manager?
The reason is that with everyone (hopefully) switching to HTTPS and
implementing HSTS in future, such a simple certificate pinning in
Thunderbird will not be possible. (Which might also be useful with
Firefox in some specific use cases.)
I can't think of a security threat with that right now. Because:
a. With all root CAs removed and a specific server cert pinned (i.e.
exception added), the user can't connect to an MitM, so no "guide" can
be shown by the latter on how to "fix" the connection issue.
b. With the root CAs not removed, an MitM with an accepted (but
different) cert doesn't need to show such a "guide", because a
connection will be established anyway.
c. With the root CAs not removed, an MitM with an UNaccepted cert ...
(no connection - same as in point (a) above).
So that checking of the issuer of certs in the exceptions list doesn't
seem to improve security. But disallows such useful things like that
simple cert pinning on Thunderbird, or usage of self-signed certificates
with HSTS.
Allowing the exceptions, on the other hand, still seems to fit into
https://tools.ietf.org/html/rfc6797#section-12.1. On my reading, anyway.
:) As long as the "I Understand the Risks" part of the "Untrusted
Connection" page is not shown and therefore no click-through is
possible. So that there is "no chance to "fool" users into making the
wrong decision". While existing exceptions don't meant that "something
is not entirely correct with the connection establishment" - they have
been explicitly allowed, after all. I don't think they fall into the
"errors" category as per
https://tools.ietf.org/html/rfc6797#section-8.4
either, because, again, they have been explicitly allowed - using them
is expected behavior, not an error. (And if one can choose usable cipher
suites, why can't one also choose usable certificates, even, e.g.,
self-signed ones?)
Am I missing something? What do you think?
Best,
Joe
P.S.: I'm not a lawyer :)
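To make the RFC 6797 behaviour discussed in this post concrete, the following is an added model, not Firefox or Thunderbird code: it parses Strict-Transport-Security headers (section 6.1), decides whether a host is a Known HSTS Host (sections 8.2/8.3), and applies the rule the post argues for, namely that an exception the user explicitly added (matched here by SHA-256 certificate fingerprint, an assumed storage format) is honoured, while any other TLS error on a Known HSTS Host fails hard with no click-through (section 12.1). The outcome labels, the exceptions dictionary and all hostnames and certificate bytes are constructed for illustration.

```python
import hashlib
hsts_store = {}  # Known HSTS Hosts: host -> (expiry time, includeSubDomains flag)

def parse_sts_header(value):
    """Parse a Strict-Transport-Security value (RFC 6797 sec. 6.1); None if invalid."""
    max_age, include_subdomains, seen = None, False, set()
    for directive in filter(str.strip, value.split(";")):
        name, _, arg = directive.strip().lower().partition("=")
        if name in seen:
            return None  # a directive must not appear more than once
        seen.add(name)
        if name == "max-age":
            arg = arg.strip().strip('"')
            if not (arg.isascii() and arg.isdigit()):
                return None
            max_age = int(arg)
        elif name == "includesubdomains":
            include_subdomains = True
    return None if max_age is None else (max_age, include_subdomains)

def record_sts(host, header_value, now):
    # Store the policy learned over an error-free TLS connection (sec. 8.1).
    parsed = parse_sts_header(header_value)
    if parsed is not None:
        max_age, inc = parsed
        if max_age == 0:
            hsts_store.pop(host, None)  # max-age=0 deletes the policy
        else:
            hsts_store[host] = (now + max_age, inc)
    return parsed is not None

def is_known_hsts_host(host, now):
    """Exact match, or a superdomain whose unexpired policy has includeSubDomains."""
    labels = host.split(".")
    for i in range(len(labels)):
        entry = hsts_store.get(".".join(labels[i:]))
        if entry and entry[0] > now and (i == 0 or entry[1]):
            return True
    return False

def pin(cert_der):  # assumed: fingerprint stored with a user-added exception
    return hashlib.sha256(cert_der).hexdigest()

def decide(host, chain_valid, cert_der, exceptions, now):
    if chain_valid:
        return "connect"
    if exceptions.get(host) == pin(cert_der):
        return "connect-via-exception"  # explicitly allowed earlier, not an error
    if is_known_hsts_host(host, now):
        return "hard-fail"  # sec. 12.1: no click-through on a Known HSTS Host
    return "ask-user"  # the normal "I Understand the Risks" page
```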