Closed Bug 943624 Opened 11 years ago Closed 9 years ago

Extend OCSP stapling tests to verify support for SHA-2 (SHA-256, SHA-384) signatures

Categories

(Core :: Security: PSM, defect)

Product:
Core
Component:
Security: PSM
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED WORKSFORME

People

(Reporter: briansmith, Unassigned)

References

Details

I made a comment about the limitations of our SHA-2 support, intending to reference bug 663315, that made some people concerned about our support for verifying ocsp responses that were signed using SHA-2 signatures. We should add some tests that use SHA-2 based certificates, to reassure CABForum that we correctly support SHA-2-signed OCSP responses.
See Also: → 966856
Our tests currently only use sha-2 based signatures: https://dxr.mozilla.org/mozilla-central/rev/c67dc1f9fab86d4f2cf3224307809c44fe3ce820/security/pkix/test/lib/pkixtestutil.cpp#154
Status: NEW → RESOLVED
Closed: 9 years ago
Resolution: --- → WORKSFORME
You need to log in before you can comment on or make changes to this bug.