verifyTrust in Crypto should use CRLs as well ---------------------------------------------
Key: WSS-278 URL: https://issues.apache.org/jira/browse/WSS-278 Project: WSS4J Issue Type: Improvement Components: WSS4J Core Affects Versions: 1.6, 1.6.1 Environment: all Reporter: Marcin Markiewicz Assignee: Colm O hEigeartaigh The trust chain is validated without checking the CRLs. It is done this way, because Merlin does not check the CRLs as well. But it could be done by using CertPathValidator with proper parameters: java.security.cert.PKIXParameters params = new java.security.cert.PKIXParameters(...); params.setRevocationEnabled(true); It would be nice, if th verifyTrust-Method in Crypto would provide the functionality of checking the CRLs. Or a new method (validateTrustWithCRLs(...) ?) would be created. -- This message is automatically generated by JIRA. For more information on JIRA, see: http://www.atlassian.com/software/jira --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@ws.apache.org For additional commands, e-mail: dev-h...@ws.apache.org