Closed
Bug 403844
Opened 17 years ago
Closed 16 years ago
Verify pkix_OcspChecker_Check works with configured responders
Categories
(NSS :: Libraries, defect, P2)
NSS
Libraries
Tracking
(Not tracked)
RESOLVED
DUPLICATE
of bug 408847
3.12
People
(Reporter: KaiE, Unassigned)
Details
(Whiteboard: PKIX)
When using OCSP, two different strategies can be used: (a) use the responder specified in a cert (b) use a specific responder defined by the application Function pkix_OcspChecker_Check seems to offer strategy (b), because it allows to pass in a checker object, which contains a responder parameter. Reading the implementation of pkix_OcspChecker_Check and pkix_pl_OcspRequest_Create I'm worried that (b) is not implemented correctly. If a cert does not list a responder, then pkix_pl_OcspRequest_Create will report "uri not found". Back in pkix_OcspChecker_Check, this condition results in "test passed, done" action, without checking for a configured responder in the given checker object.
Updated•17 years ago
|
Whiteboard: PKIX
Target Milestone: --- → 3.12
Updated•16 years ago
|
Priority: -- → P2
Updated•16 years ago
|
Status: NEW → RESOLVED
Closed: 16 years ago
Resolution: --- → DUPLICATE
You need to log in
before you can comment on or make changes to this bug.
Description
•