Note: There are a few cases of duplicates in user autocompletion which are being worked on.

CRL object needs to change PKCS#11 object ID upon modification

RESOLVED WONTFIX

Status

NSS
Libraries
P1
normal
RESOLVED WONTFIX
15 years ago
15 years ago

People

(Reporter: Julien Pierre, Assigned: Julien Pierre)

Tracking

Firefox Tracking Flags

(Not tracked)

Details

(Assignee)

Description

15 years ago
When installing a new CRL into the certificate database (softoken), the object
ID of the new CRL is the same as object ID of the old one. The way the CRL cache
will check for an object modification is to first look up if it exists, and then
check for its subject. With the current implementation, both tests would pass.

The fix is to create a new object ID when the new CRL is installed. This way the
CRL cache will know to flush itself and try to fetch a new CRL.
(Assignee)

Updated

15 years ago
Priority: -- → P1
Target Milestone: --- → 3.6
Version: 3.5 → 3.6
(Assignee)

Updated

15 years ago
Blocks: 149854
(Assignee)

Comment 1

15 years ago
Bob,

This needs to get resolved for in order for the CRL cache to be able to pick up
changes to the objects. I am planning on checking it in tomorrow.

Comment 2

15 years ago
Assigned the bug to Bob.
Assignee: wtc → relyea

Comment 3

15 years ago
Moved to NSS 3.7, priority P1.
Target Milestone: 3.6 → 3.7

Comment 4

15 years ago
Moved to target milestone 3.8 because the original
NSS 3.7 release has been renamed 3.8.
Target Milestone: 3.7 → 3.8
(Assignee)

Comment 5

15 years ago
Taking bug.
Assignee: relyea → jpierre
(Assignee)

Comment 6

15 years ago
The problem that prompted the creation of this defect report was resolved in NSS
3.6 . See bug 167649 . The workaround was for NSS to automatically invalidate
the CRL cache for a given CA when a CRL for that CA is imported to softoken.
I am marking this bug WONTFIX since it means we don't need to do this
complicated fix to softoken.
Status: NEW → RESOLVED
Last Resolved: 15 years ago
Resolution: --- → WONTFIX
You need to log in before you can comment on or make changes to this bug.