Closed
Bug 1898166
Opened 5 months ago
Closed 4 months ago
Adjust OCSP test keysize-ocsp-delegated.example.com after policy code changes
Categories
(Core :: Security: PSM, defect, P1)
Core
Security: PSM
Tracking
()
RESOLVED
FIXED
128 Branch
Tracking | Status | |
---|---|---|
firefox128 | --- | fixed |
People
(Reporter: KaiE, Assigned: keeler)
References
Details
(Whiteboard: [psm-assigned])
Attachments
(1 file)
With bug 1884444 applied, the test below
(from security/manager/ssl/tests/unit/test_ocsp_stapling.js )
fails for me.
See bug 1884444 comment 19 + 21.
// Check that OCSP responder certificates with key sizes below 1024 bits are
// rejected, even when the main certificate chain keys are at least 1024 bits.
add_ocsp_test(
"keysize-ocsp-delegated.example.com",
SSL_ERROR_UNRECOGNIZED_NAME_ALERT,
true,
true
);
Updated•4 months ago
|
Assignee: jschanck → dkeeler
Status: NEW → ASSIGNED
Updated•4 months ago
|
Severity: -- → S4
Assignee | ||
Comment 1•4 months ago
|
||
Assignee | ||
Updated•4 months ago
|
Whiteboard: [psm-assigned]
Pushed by dkeeler@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/da3e9a33beb4
set nss key size policy when generating test OCSP responses r=jschanck
Status: ASSIGNED → RESOLVED
Closed: 4 months ago
status-firefox128:
--- → fixed
Resolution: --- → FIXED
Target Milestone: --- → 128 Branch
You need to log in
before you can comment on or make changes to this bug.
Description
•