Bug 219929

Summary: Improve UI on client certificate use
Product: [Applications] konqueror Reporter: Henry Story <henry.story>
Component: generalAssignee: Konqueror Developers <konq-bugs>
Status: REPORTED ---    
Severity: wishlist CC: henry.story
Priority: NOR    
Version: unspecified   
Target Milestone: ---   
Platform: unspecified   
OS: Unspecified   
Latest Commit: Version Fixed In:

Description Henry Story 2009-12-24 10:56:27 UTC 
Version:            (using KDE 4.3.4)
Installed from:    Unspecified

Hi, just a quick disclaimer. I used Linux and KDE during the 1990s upto early 2003. Currently I am using OSX. This is really a note to keep the KDE community updated on some interesting and powerful ideas so that when I come back to KDE you will be supporting them :-)

Most browsers do not let the user know what client certificate he is using when he connects to a web site. The Mozilla Weave team have been developing something for password management that would in fact be a lot more appropriate for showing client certificates used.

More on this here: 
http://blogs.sun.com/bblfish/entry/identity_in_the_browser_firefox

If you are the first to get a good implementation of this, I'll switch to Linux and KDE again, and use it in my demos.

Up to now client certificates have been very little used. But this is about to change. By linking client certs to the semantic web, it has become possible to create globally valid replaceable, free client certificates that do not depend on Certificate authorities but on the Web of Trust of linked foaf files (or other such linked data).

see the video on foaf+ssl at
http://blogs.sun.com/bblfish/entry/camping_and_hacking_at_har2009
(requires Firefox 3.5 because of OGG support. Let me know if konqueror also does this, and I'll fix the comments)

also a longer video at FrOSCon:
http://blogs.sun.com/bblfish/entry/froscon_the_free_and_open
Comment 1 Henry Story 2009-12-24 11:14:39 UTC 
Oh yes, here are some links to similar bug reports in other Open Source browsers:
Google Chrome:
   - "User Interface Improvement for Client Certificate Usage"
     http://code.google.com/p/chromium/issues/detail?id=29784
   - "browser does not send valid certification requests for creating SSL client certificates" (ues chrome does not do a good job yet of supporting client certificates)
     http://code.google.com/p/chromium/issues/detail?id=148
Firefox:
 - "certificate selection mechanism presents too much information"
    https://bugzilla.mozilla.org/show_bug.cgi?id=502344
 - "display client certificate selected"
   https://bugzilla.mozilla.org/show_bug.cgi?id=502343
 - I marked both as a duplicate of bug "Improve SSL client-authentication  
UI" (perhaps I should not have)
   https://bugzilla.mozilla.org/show_bug.cgi?id=396441