[foaf-protocols] Apple bug reports

Tim Berners-Lee timbl at w3.org
Tue Jun 23 13:54:37 CEST 2009


Is this the only Safari bug we know about?
I would happy to pass our top requests on to our friends inside Apple  
in case it would help.

Tim


On 2009-06 -23, at 06:48, Story Henry wrote:

> I have posted two bug reports for the Safari 4 and iphone 3.0 apps  
> here:
>
> http://developer.apple.com/bugreporter/
>
> Apple sadly makes those reports secret I think. And they only respond
> if enough people post reports. So if you can report a bug, or know
> others who should, please do so.
>
> Btw. be careful to save your but report before pressing the submit
> button. Their server lost my data the first time I posted it.
>
> Here they are:
>
> bug 6993918: "iphone browser does not send client certificate on
> optional request"
> =
> =
> =
> =
> =
> =
> =
> =
> =
> =
> = 
> = 
> ======================================================================
>
> 22-Jun-2009 07:04 PM Henry Story: (I had submitted a bug report
> following your format, then your server lost the info.)
> Summary:
> -------
> TLS v1 server can request certificates *optionally* from the client.
> The server can also request that it NEEDS the certificate. A server
> that requests the certificate optionally, can on failing to receive a
> certificate, offer alternative means of logging the user in, or even
> redirect him. On receiving an optional request for a certificate the
> iPhone browser that has a couple of certificates will ask the user to
> choose the certificate, but not send the chosen certificate to the
> server.
>
> Steps to Reproduce:
> ---------------
>  1. Get a couple of certificates on the iPhone. You can follow the
> procedure here to get the certs and install them: http://blogs.sun.com/bblfish/entry/howto_get_a_foaf_ssl
>  (Use firefox to get the certificates, as there seems to be another
> problem on Safari 4, I will report later)
>  2. Use a server that requests optional client certificates and
> monitor the packets going over the network with WireShark. There are a
> couple of certificates we have listed in the mail here with the
> packets we have downloaded http://lists.foaf-project.org/pipermail/foaf-protocols/2009-June/000642.html
>
> Actual Results:
> ---------------
>  The client will NOT send the selected certificate (or any other) to
> the server. This can be verified by looking at the packets sent, or
> indirectly by noticing the server's behavior be different from what it
> should do.
>
> Expected Results:
> -----------------
>
> The iPhone should send the certificate selected.
>
> bug 6994039: "Safari 4 does not send certificate on optional request"
>
> 6993918: iphone browser does not send client certificate on optional
> request
> =
> =
> =
> =
> = 
> = 
> ======================================================================
>
> Summary:
> -------
>  TLS v1 server can request certificates *optionally* from the client.
> The server can also request that it NEEDS the certificate. A server
> that requests the certificate optionally, can on failing to receive a
> certificate, offer alternative means of logging the user in, or even
> redirect him. On receiving an optional request for a certificate the
> iPhone browser that has a couple of certificates will ask the user to
> choose the certificate, but not send the chosen certificate to the
> server.
>
> Steps to Reproduce:
> ---------------
>
>  1. Get a couple of certificates on the iPhone. You can follow the
> procedure here to get the certs and install them: http://blogs.sun.com/bblfish/entry/howto_get_a_foaf_ssl
>  (Use firefox to get the certificates, as there seems to be another
> problem on Safari 4, I will report later)
>  2. Use a server that requests optional client certificates and
> monitor the packets going over the network with WireShark. There are a
> couple of certificates we have listed in the mail here with the
> packets we have downloaded
> http://lists.foaf-project.org/pipermail/foaf-protocols/2009-June/000642.html
>
> Actual Results:
> ---------------
>
>  The client will NOT send the selected certificate (or any other) to
> the server. This can be verified by looking at the packets sent, or
> indirectly by noticing the server's behavior be different from what it
> should do.
>
> Expected Results:
> ----------------
>
> The iPhone should send the certificate selected.
>
> Henry
>
> _______________________________________________
> foaf-protocols mailing list
> foaf-protocols at lists.foaf-project.org
> http://lists.foaf-project.org/mailman/listinfo/foaf-protocols



More information about the foaf-protocols mailing list