Version: 3.0.3-1 (using KDE KDE 3.0.3) Installed from: RedHat RPMs Compiler: gcc-3.2-7 Didn't compile software myself OS: Linux When presented with a PKCS #7 package containing a certificate chain, Konqueror presents a dialogue in which every certificate in the chain can be evaluated separately. Nice! If the chain includes a signing cert and one or more (indirectly) signed certs, then all show as untrustworthy. Correct. But after importing the top cert, everything changes, and the state displayed is not updated. This may throw off uninformed customers, or it would force CAs to break up imports to Konqueror in one-step-at-a-time imports. I consider it a bug to not update the states of certificates after each single import; and it would be nice if the certs also stated something like `signed by another in this bunch' instead of `cannot find the signing cert for this one'. Thanks, Rick van Rein.
Subject: kdelibs/kcert CVS commit by staikos: Update the certificate status each time it is displayed so that we can take advantage of changes to the trust database. CCMAIL: 51849-done@bugs.kde.org M +4 -1 kcertpart.cc 1.38 --- kdelibs/kcert/kcertpart.cc #1.37:1.38 @@ -1,5 +1,5 @@ /* This file is part of the KDE project * - * Copyright (C) 2001,2002 George Staikos <staikos@kde.org> + * Copyright (C) 2001-2003 George Staikos <staikos@kde.org> * * This library is free software; you can redistribute it and/or @@ -783,4 +783,5 @@ void KCertPart::slotSelectionChanged(QLi return; } + x5i->cert->revalidate(); _blankFrame->hide(); _pkcsFrame->hide(); @@ -795,4 +796,5 @@ void KCertPart::slotSelectionChanged(QLi return; } + x5i->cert->revalidate(); _blankFrame->hide(); _pkcsFrame->hide(); @@ -807,4 +809,5 @@ void KCertPart::slotSelectionChanged(QLi return; } + p12i->cert->revalidate(); _blankFrame->hide(); _x509Frame->hide();
For your information, this might take a small amount of time to update due to the database being rebuilt asynchronously. Please reopen if the fix doesn't work. I haven't really tested it, and I am not sure that I want to backport this one yet.