Additional testing and discussion with Nelson Bolyard shows that I need to rename the title of the bug to "inconsitency in certificate root import method."
and down grade severity.
It still needs fixing to improve the user experience.
i.e.
import a root by the front door (Directly) and the GUI presented to the user asked for trust bits to be set.
import a root by the back door and the trust bits are all set to off (even if it's an e-mail cert being imported). Firefox should ask the user to set the trust bits for the new root.
Additional testing and discussion with Nelson Bolyard shows that I need to rename the title of the bug to "inconsitency in certificate root import method."
and down grade severity.
It still needs fixing to improve the user experience.
i.e.
import a root by the front door (Directly) and the GUI presented to the user asked for trust bits to be set.
import a root by the back door and the trust bits are all set to off (even if it's an e-mail cert being imported). Firefox should ask the user to set the trust bits for the new root.