[
https://issues.apache.org/jira/browse/WSS-278?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Colm O hEigeartaigh updated WSS-278:
------------------------------------
Affects Version/s: (was: 1.6.1)
Fix Version/s: 1.6.1
> verifyTrust in Crypto should use CRLs as well
> ---------------------------------------------
>
> Key: WSS-278
> URL: https://issues.apache.org/jira/browse/WSS-278
> Project: WSS4J
> Issue Type: Improvement
> Components: WSS4J Core
> Affects Versions: 1.6
> Environment: all
> Reporter: Marcin Markiewicz
> Assignee: Colm O hEigeartaigh
> Fix For: 1.6.1
>
>
> The trust chain is validated without checking the CRLs. It is done this way,
> because Merlin does not check the CRLs as well. But it could be done by using
> CertPathValidator with proper parameters:
> java.security.cert.PKIXParameters params = new
> java.security.cert.PKIXParameters(...);
> params.setRevocationEnabled(true);
> It would be nice, if th verifyTrust-Method in Crypto would provide the
> functionality of checking the CRLs. Or a new method
> (validateTrustWithCRLs(...) ?) would be created.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
