Closed Bug 1717706 Opened 3 years ago Closed 3 years ago

Increase size of 'JSON Array of Partitioned CRLs' field to 20,000 characters

Categories

(CA Program :: Common CA Database, task)

Product:
CA Program
Component:
Common CA Database
Type:
task

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: kathleen.a.wilson, Assigned: poonam)

Details

Some CAs need the size of the 'JSON Array of Partitioned CRLs' field to be larger than the current 5,000 character limit. So please increase the limit to 20,000 characters.

The API may also need to be updated to allow for up to 20,000 characters for this field.

Also, please add the following text to the top of the 'Pertaining to Certificates Issued by this CA' section on intermediate certificate pages:

The 'JSON Array of Partitioned CRLs' field only needs to be filled in for non-TLS
certificates when there is no full CRL for certificates issued by this CA.

Status: NEW → ASSIGNED

Following changes related to 'JSON Array of Partitioned CRLs' field are done.

  • increase field size to 20,000 characters
  • updated AddUpdateIntermedicateCert API to check for new size limit

The text can be added to the field help under '?' or at the top of the page under 'Messages'. The text is too long to be added to the section header. What would you prefer?

(In reply to Poonam Bhargava from comment #1)

Following changes related to 'JSON Array of Partitioned CRLs' field are done.

  • increase field size to 20,000 characters
  • updated AddUpdateIntermedicateCert API to check for new size limit

Thanks!

The text can be added to the field help under '?' or at the top of the page under 'Messages'. The text is too long to be added to the section header. What would you prefer?

Please change the section title from 'Pertaining to Certificates Issued by this CA' to 'Pertaining to Non-TLS Certificates Issued by this CA'

As we discussed, please also update the help text as follows.

Full CRL Issued By This CA: Enter the URL to the full CRL for non-TLS certificates issued by this CA.

JSON Array of Partitioned CRLs: When there is no full CRL for non-TLS certificates issued by this CA, provide a JSON array whose elements are URLs of partial CRLs that when combined are the equivalent of a full CRL for the non-TLS certificates issued by this CA.

Hi Kathleen,

The help text for "Full CRL Issued By This CA" and "JSON Array of Partitioned CRLs" has been updated. The section header for these fields on all root and intermediate cert pages have also been updated.

Regards,
Poonam

Thanks!

Status: ASSIGNED → RESOLVED
Closed: 3 years ago
Resolution: --- → FIXED
Product: NSS → CA Program
Priority: P1 → --
Whiteboard: [ccadb-enhancement]
You need to log in before you can comment on or make changes to this bug.