PKCS#11: Cert lookup by Subject Key ID

RESOLVED FIXED in 3.8

Status

NSS
Libraries
P3
normal
RESOLVED FIXED
18 years ago
12 years ago

People

(Reporter: Christian Kaiser, Assigned: Ian McGreer)

Tracking

unspecified

Firefox Tracking Flags

(Not tracked)

Details

(Reporter)

Description

18 years ago
S/MIMEv3 requires certificates to be optionally looked up by Subject Key ID. 
Currently, there is no way to do this in NSS.

The cert database format is not up to this task; though there is a record 
containing subject key ids, it needs to be looked up by subject DN (which you 
would not know at this point) - so in the end, one would have to traverse all 
the subject records and match the subject key id.

However, the necessary attributes for a PKCS#11 style C_FindObjects lookup must 
be defined and implemented first.

Updated

17 years ago
Target Milestone: --- → 3.2

Updated

17 years ago
QA Contact: lord → sonmi

Updated

17 years ago
Target Milestone: 3.2 → Future

Comment 1

16 years ago
Changed the QA contact to Bishakha.
QA Contact: sonja.mirtitsch → bishakhabanerjee
QA Contact: bishakhabanerjee → jason.m.reid

Comment 2

12 years ago
This has been fixed for a while. CMS has no problem looking up certs by
SubjectKeyID.

pk11cert.c rev 1.110 Dec 17, 2002 has part of the change.
NSS 3.7 had rev 1.109
NSS 3.8 had rev 1.116, so I've set the target to 3.8 to reflect when the fix
went in.
(For Mozilla users, that would be Mozilla 1.4a Release.)
Target Milestone: Future → 3.8

Comment 3

12 years ago
arg, I meant to mark this fixed
Status: NEW → RESOLVED
Last Resolved: 12 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.