Launchpad has imported 1 comment from the remote bug at
https://bugzilla.mozilla.org/show_bug.cgi?id=1277637.

If you reply to an imported comment from within Launchpad, your comment
will be sent to the remote bug automatically. Read more about
Launchpad's inter-bugtracker facilities at
https://help.launchpad.net/InterBugTracking.

------------------------------------------------------------------------
On 2016-06-02T19:00:13+00:00 Gareth Williams wrote:

User Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML,
like Gecko) Chrome/49.0.2623.112 Safari/537.36

Steps to reproduce:

The section of the man page for certutil's trustargs is outdated as
discussed at https://bugs.launchpad.net/ubuntu/+source/nss/+bug/1586538


Actual results:

The trustargs section of the man page in the nss source files correlates
with the on-line version at
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/Tools/certutil
(last modified Sept 2014):

p - Valid peer
P - Trusted peer (implies p)
c - Valid CA
T - Trusted CA to issue client certificates (implies c)
C - Trusted CA to issue server certificates (SSL only)
      (implies c)
u - Certificate can be used for authentication or signing
w - Send warning (use with other attributes to include a warning when the 
certificate is used in that context)


Expected results:

The trustargs section of the man page in the nss source files should
correlate with the later on-line version at
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/tools/NSS_Tools_certutil
(last modified Sept 2015):

p    prohibited (explicitly distrusted)
P    Trusted peer
c    Valid CA
T    Trusted CA to issue client certificates (implies c)
C    Trusted CA to issue server certificates (SSL only)
      (implies c)
u    Certificate can be used for authentication or signing
w    Send warning (use with other attributes to include a warning when the 
certificate is used in that context)

The difference being the lowercase 'p' option.

Reply at:
https://bugs.launchpad.net/ubuntu/+source/nss/+bug/1586538/comments/7
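
An added example, not part of the imported comment or of NSS: a small audit that parses a `certutil -L` listing and reports every certificate carrying lowercase `p`, which the later documentation quoted above defines as "prohibited (explicitly distrusted)". The sample listing is constructed, and the row layout (nickname followed by an `SSL,S/MIME,JAR/XPI` trust triple) is assumed to match what `certutil -L` prints.

```python
import re

# Constructed sample of `certutil -L -d <dbdir>` output (not taken from the bug report).
SAMPLE_LISTING = """\

Certificate Nickname                                         Trust Attributes
                                                             SSL,S/MIME,JAR/XPI

Example Root CA                                              CT,C,C
partner-gateway                                              p,p,p
mail peer (legacy)                                           P,p,
localhost                                                    u,u,u
"""

# A certificate row ends with three comma-separated flag groups;
# nicknames may contain spaces, so match the triple from the right.
ROW = re.compile(
    r"^(?P<nick>.+?)\s+(?P<ssl>[A-Za-z]*),(?P<smime>[A-Za-z]*),(?P<jar>[A-Za-z]*)$"
)
USAGES = ("ssl", "smime", "jar")


def parse_listing(text):
    """Return {nickname: {usage: flags}} for every certificate row."""
    certs = {}
    for line in text.splitlines():
        m = ROW.match(line.rstrip())
        if m:  # header and blank lines do not end in a letters-only triple
            certs[m["nick"]] = {u: m[u] for u in USAGES}
    return certs


def find_prohibited(text):
    """Return [(nickname, [usages])] for entries with lowercase 'p' set."""
    hits = []
    for nick, trust in parse_listing(text).items():
        usages = [u for u in USAGES if "p" in trust[u]]
        if usages:
            hits.append((nick, usages))
    return hits


if __name__ == "__main__":
    for nick, usages in find_prohibited(SAMPLE_LISTING):
        print(f"{nick}: 'p' (explicitly distrusted) set for {', '.join(usages)}")
```

Entries it reports are the ones to review if the trust flags were set while following the older "Valid peer" wording.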


** Changed in: nss
   Importance: Medium => Unknown

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to nss in Ubuntu.
https://bugs.launchpad.net/bugs/1586538

Title:
  certutils from libnss3-tools - man page contradicts Mozilla's

Status in NSS:
  New
Status in nss package in Ubuntu:
  Triaged

Bug description:
  Description of certutil here:
  
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/tools/NSS_Tools_certutil#Options_and_Arguments

  contradicts the man page here:
  http://manpages.ubuntu.com/manpages/wily/man1/certutil.1.html

  In the former "-t p" is "prohibited (explicitly distrusted)".  In the
  latter, it's "Valid peer".

  I'm listing it as a security vuln, because someone could mistakenly
  do the wrong thing.

To manage notifications about this bug go to:
https://bugs.launchpad.net/nss/+bug/1586538/+subscriptions

