Closed Bug 943624 Opened 9 years ago Closed 7 years ago
Extend OCSP stapling tests to verify support for SHA-2 (SHA-256, SHA-384) signatures
I made a comment about the limitations of our SHA-2 support, intending to reference bug 663315, that made some people concerned about our support for verifying ocsp responses that were signed using SHA-2 signatures. We should add some tests that use SHA-2 based certificates, to reassure CABForum that we correctly support SHA-2-signed OCSP responses.
Our tests currently only use sha-2 based signatures: https://dxr.mozilla.org/mozilla-central/rev/c67dc1f9fab86d4f2cf3224307809c44fe3ce820/security/pkix/test/lib/pkixtestutil.cpp#154
Status: NEW → RESOLVED
Closed: 7 years ago
Resolution: --- → WORKSFORME
You need to log in before you can comment on or make changes to this bug.