[26556] in Athena Bugs
Re: zap-mozilla-certs doesn't touch firefox
daemon@ATHENA.MIT.EDU (Jonathan Reed)
Wed Aug 31 21:42:56 2005
Mime-Version: 1.0
Message-Id: <p05230101bf3c0af0cca1@[18.101.2.205]>
In-Reply-To: <1125514764.26002.24.camel@anhedonia.mit.edu>
Date: Wed, 31 Aug 2005 21:42:26 -0400
To: Robert A Basch <rbasch@mit.edu>
From: Jonathan Reed <jdreed@mit.edu>
Content-Type: text/plain; charset="us-ascii" ; format="flowed"
X-Spam-Score: 0.344
X-Spam-Flag: NO
cc: bugs@mit.edu
Errors-To: bugs-bounces@mit.edu
>
>Ideally, the need to delete *any* certs would be exceptional...
Actually, it's a frequent occurrence. Not because of 'cobwebs and
sewage', but because of certificate stack passwords. People get
their certs, pick a password to protect them, and then promptly
forget it. Then their certs expire, or they need new one, and can't
recall the password to the certificate stack. The only way to fix
that is to delete the certificates.
I'd estimate that we (where 'we' = Support) tell someone to delete
their certificate stack on one platform or another (including Windows
and Mac) at least once a week, and during certificate renewal time
it's much more frequent. We'll also see a lot of these cases soon
with people coming back who were away over the summer, and didn't use
Athena during that time, and thus their certs expired in July, and
they almost certainly forgot their password.
I'd favor the approach of the zap-certificates generic script, and
telling people to use that in all our SAs. However, the script
should be modified to have output something like this:
Which certificates would you like to delete?
1) Mozilla
2) Firefox
3) Netscape
4) I don't know, delete them all.
5) quit.
And then run the relevant commands based on user output.
-Jon
--
-------------------
Jonathan Reed
jdreed@mit.edu
-------------------
