63537 – xmlsecurity: certificate should not be valid when no revocation data is available

Issue 63537 - xmlsecurity: certificate should not be valid when no revocation data is available

Summary: xmlsecurity: certificate should not be valid when no revocation data is avail...

Status:	CLOSED DUPLICATE of issue 103420

Alias:	None

Product:	xml
Classification:	Code
Component:	code (show other issues)
Version:	680m160
Hardware:	All All

Importance:	P3 Trivial (vote)
Target Milestone:	4.x
Assignee:	joachim.lingner
QA Contact:	issues@xml

URL:
Keywords:

Depends on:
Blocks:

Reported:	2006-03-23 14:53 UTC by joachim.lingner
Modified:	2009-07-22 12:11 UTC (History)
CC List:	3 users (show)

See Also:
Issue Type:	DEFECT
Latest Confirmation in:	---
Developer Difficulty:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this issue.

Description joachim.lingner 2006-03-23 14:53:21 UTC

Even if no revocation information are available, the certificate is displayed as
valid (provided that there are no other errors. This seems to be wrong according
to RFC3280, ISIS-MTT core specification, and Public Key Interoperability Test
Suite of the National Institute of Standard and Technology (NIST).
At least we should display a warning.

Comment 1 joachim.lingner 2006-03-23 14:55:56 UTC

Comment 2 joachim.lingner 2006-03-23 15:02:45 UTC

Comment 3 joachim.lingner 2006-05-22 09:28:13 UTC

Comment 4 joachim.lingner 2007-12-07 15:57:57 UTC

Retargeting to 3.x

Comment 5 joachim.lingner 2009-07-22 12:10:40 UTC

.

*** This issue has been marked as a duplicate of 103420 ***

Comment 6 joachim.lingner 2009-07-22 12:11:01 UTC