[jira] [Updated] (CXF-5075) Support for chain trust validation

Achim Finke (JIRA) Tue, 11 Jun 2013 01:18:49 -0700

     [ 
https://issues.apache.org/jira/browse/CXF-5075?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Achim Finke updated CXF-5075:
-----------------------------

    Description: 
Provides a validator which verifies a given subject certificate followed by 
optional intermediate CAs.

Further Public Key Infrastructure data about intermediate and trusted CAs is 
taken from LDAP (filters can be configured via properties).

As result the validator returns the valid/invalid reason as 
[IssuerTrust|http://www.w3.org/TR/xkms2/#XKMS_2_0_Section_5_1_8].

Certificate Revocation Lists are not supported yet.

Thanks to [[email protected]] for supporting and reviewing.

  was:
Provides a validator which verifies a given subject certificate followed by 
optional intermediate CAs.

Further Public Key Infrastructure data about intermediate and trusted CAs is 
taken from LDAP (filters can be configured via properties).

As result the validator returns the valid/invalid reason as 
[IssuerTrust|http://www.w3.org/TR/xkms2/#XKMS_2_0_Section_5_1_8].

Certificate Revocation Lists are not supported yet.

    
> Support for chain trust validation
> ----------------------------------
>
>                 Key: CXF-5075
>                 URL: https://issues.apache.org/jira/browse/CXF-5075
>             Project: CXF
>          Issue Type: Improvement
>          Components: Services
>    Affects Versions: 3.0.0
>            Reporter: Achim Finke
>             Fix For: 3.0.0
>
>         Attachments: xkms-chain-trust-validation.patch
>
>
> Provides a validator which verifies a given subject certificate followed by 
> optional intermediate CAs.
> Further Public Key Infrastructure data about intermediate and trusted CAs is 
> taken from LDAP (filters can be configured via properties).
> As result the validator returns the valid/invalid reason as 
> [IssuerTrust|http://www.w3.org/TR/xkms2/#XKMS_2_0_Section_5_1_8].
> Certificate Revocation Lists are not supported yet.
> Thanks to [[email protected]] for supporting and reviewing.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

[jira] [Updated] (CXF-5075) Support for chain trust validation

Reply via email to