Public bug reported: Binary package hint: libnspr4
I have an eToken USB smartcard. It contains -among other keys- an smime signing cert intended to use with mozilla-thunderbird, and a tls client certificate intended to work with mozilla-firefox. Once upon a time these keys were working well. I could sign emails with the signing key, and authenticate to web sites with the client key. Now those keys do not work with neither with mozilla-firefox nor mozilla-thunderbird. I use the tls client key also for ssh authentication with ssh-agent, and this works well. The certificate manager in mozillas shows that the keys are valid for their purpose, and did not expire. But when I want to choose a signing key in thunderbird, it says that the certificate manager could not find a valid certificate for signing. The only change I am aware of is that since that I have installed two encryption keys on the token. One have no corresponding certificate, and the other have. The CA of that second encryption cert is different than the one for the signing/client keys, a lame MS CA. I added the CA key to the CAs, because I thought maybe that can be the problem. But it is not better. I have tried to delete the signing keys to see whether it is the source of the problem, but deleting is not supported in my token at least with opensc. I mark this bug as a security vulnerability, as it have considerably lowered the security of my system. ** Affects: firefox (Ubuntu) Importance: Undecided Status: Unconfirmed ** Visibility changed to: Public -- mozillas fail to use certificates https://launchpad.net/bugs/70612 -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs