Closed
Bug 190420
Opened 22 years ago
Closed 21 years ago
revoked certificates may be considered valid when CRL lookup fails
Categories
(NSS :: Libraries, defect, P2)
Tracking
(Not tracked)
RESOLVED
FIXED
3.7.1
People
(Reporter: julien.pierre, Assigned: nelson)
Details
In some cases, PK11_FindCrlByName returns no CRL with no error, even though there was a serious error down in the PKCS#11 module on the token. The top-level function SEC_FindCrlByKeyOnSlot is not notified appropriately, and thus the certificate verification succeeds. This needs to be fixed so that any major CRL lookup failure results in certificate verification failure. Please see bug 190396 and bug 162983 for more details.
Reporter | ||
Updated•22 years ago
|
Priority: -- → P1
Target Milestone: --- → 3.7.2
Comment 1•21 years ago
|
||
Assigned the bug to Nelson. Target NSS 3.8, priority P2.
Assignee: wtc → nelsonb
Priority: P1 → P2
Target Milestone: 3.7.2 → 3.8
Assignee | ||
Comment 2•21 years ago
|
||
Remove target milestone of 3.8, since these bugs didn't get into that release.
Target Milestone: 3.8 → ---
Reporter | ||
Comment 3•21 years ago
|
||
This has been fixed as of 3.7.1 .
Status: NEW → RESOLVED
Closed: 21 years ago
Resolution: --- → FIXED
Target Milestone: --- → 3.7.1
You need to log in
before you can comment on or make changes to this bug.
Description
•