Open Bug 926261 Opened 12 years ago Updated 3 years ago

mozilla::pkix does not enforce certificate policy on OCSP response signing certificates

Tracking

()

Status:

NEW

People

(Reporter: briansmith, Unassigned)

References

Details

(Whiteboard: [psm-backlog])

Brian Smith (:briansmith, :bsmith, use NEEDINFO?)

Reporter

Description

•

12 years ago

insanity::pkix does not enforce certificate policy on OCSP response signing certificates. The classic NSS CERT_VerifyCert doesn't even know about certificate policy at all, so this is not a regression.

Brian Smith (:briansmith, :bsmith, use NEEDINFO?)

Reporter

Updated

•

12 years ago

Updated

•

12 years ago

Updated

•

11 years ago

Summary: insanity::pkix does not enforce certificate policy on OCSP response signing certificates → mozilla::pkix does not enforce certificate policy on OCSP response signing certificates

Dana Keeler (she/her) [:keeler]

Updated

•

9 years ago

Whiteboard: [psm-backlog]

Dana Keeler (she/her) [:keeler]

Updated

•

9 years ago

Priority: P4 → P3

BMO Automation

Updated

•

3 years ago

Severity: normal → S3

You need to log in before you can comment on or make changes to this bug.

Bugzilla

mozilla::pkix does not enforce certificate policy on OCSP response signing certificates

Categories

(Core :: Security: PSM, defect, P3)

Tracking

()

People

(Reporter: briansmith, Unassigned)

References

Details

(Whiteboard: [psm-backlog])

Crash Data

Security

(public)

User Story

Description

Updated

Updated

Updated

Updated

Updated

Updated