Ives Steglich wrote:
i will try to write some testing document mainly for security relevant
actions (which will be quite a lot since a lot of actions are security
relevant in a PKI)

so we get some procedures and a document to follow for testing a new rc
or version and raise the quality of released stuff, and i think it
would be worth the effort...

maybe we should also think about creating some documentation in the form
of a UML diagram, yeah lots of work (since it's kind of reverse
engineering of the source code), but sometimes i would like to have one
to trace dataflows and object interaction more easily

but i don't know if i get this (testing document) ready since i have to
prepare some presentations till end of next week, but this would be a
good idea anyway for the planned workshop this year - so this may be used
as a starting point for this too...

--------------------------------

the document should look something like this:

action
pre-condition
post-condition
expected behavior

to get a version passed through, the post-conditions and expected
behavior should be reached for every defined action of the system
but i'm not sure if this is the best way

example

action:
    approve certificate with signature
pre-condition:
    logged in as operator
    certificate is in state new
post-condition:
    request is signed with operator signature
    request is in state approved
expected behavior:
    check signature of operator
    sign and change state if signature is valid
    don't sign if signature is not valid
    don't change state if signature is not valid
    throw an error if signature is not valid

so this would mean, to check this action there are several tests
necessary so it would get split into several real tests as:

action:
    approve certificate with signature - subtest a
pre-condition:
    logged in as operator
    certificate is in state new
    to be used signing certificate is valid
post-condition:
    request is signed with (chosen) operator signature
    request is in state approved
expected behavior:
    check signature of operator
    sign and change state
    show correct ending of action
    approve request

action:
    approve certificate with signature - subtest b
pre-condition:
    logged in as operator
    certificate is in state new
    to be used certificate is expired
post-condition:
    request is not signed with operator signature
    request is in state new
expected behavior:
    check signature of operator
    show signature error
    stop action
    don't approve request
    don't change state
    security break attempt logged and mail sent to
          security officer *g*


and so on - any comments?

Yes, start writing it down. There is an extra area for this - docs/test/. Some time ago I had the same idea but the OpenCA guide had priority. So feel free to reorganize this area of the docs.


Michael
--
-------------------------------------------------------------------
Michael Bell                   Email: [EMAIL PROTECTED]
ZE Computer- und Medienservice            Tel.: +49 (0)30-2093 2482
(Computing Centre)                        Fax:  +49 (0)30-2093 2704
Humboldt-University of Berlin
Unter den Linden 6
10099 Berlin                   Email (private): [EMAIL PROTECTED]
Germany                                       http://www.openca.org
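
Added example (not part of the original thread and not OpenCA code): the "approve certificate with signature" subtests a and b from the proposal above, written as table-driven checks of pre-condition, post-condition and expected behavior. ToyRA, Request, ApprovalError, the name operator1 and the fixed clock NOW are hypothetical stand-ins, and signature validity is modelled only as expiry of the signing certificate.

```python
from dataclasses import dataclass, field
from datetime import datetime, timedelta, timezone
from typing import Optional

NOW = datetime(2004, 1, 15, tzinfo=timezone.utc)  # constructed fixed clock

class ApprovalError(Exception):
    """Raised when the approval action is refused."""

@dataclass
class Request:
    state: str = "new"
    signed_by: Optional[str] = None

@dataclass
class ToyRA:  # hypothetical stand-in for the system under test
    audit_log: list = field(default_factory=list)

    def approve(self, role, req, cert_subject, cert_not_after):
        if role != "operator" or req.state != "new":
            raise ApprovalError("pre-condition not met")
        if cert_not_after <= NOW:  # validity modelled as expiry only
            self.audit_log.append(f"rejected signature from {cert_subject}")
            raise ApprovalError("signing certificate expired")
        req.signed_by, req.state = cert_subject, "approved"

# Each case: pre-condition (certificate expiry), expected post-conditions.
CASES = {
    "subtest a": (NOW + timedelta(days=30),
                  {"state": "approved", "signed_by": "operator1",
                   "error": False, "logged": 0}),
    "subtest b": (NOW - timedelta(days=1),
                  {"state": "new", "signed_by": None,
                   "error": True, "logged": 1}),
}

def run_case(not_after, expected):
    """Set up pre-conditions, run the action, compare post-conditions."""
    ra, req = ToyRA(), Request()
    try:
        ra.approve("operator", req, "operator1", not_after)
        error = False
    except ApprovalError:
        error = True
    observed = {"state": req.state, "signed_by": req.signed_by,
                "error": error, "logged": len(ra.audit_log)}
    return observed == expected, observed

def run_all():
    return {name: run_case(*case)[0] for name, case in CASES.items()}
```

A case fails when any observed post-condition differs from the expected one, so a system that approves with an expired certificate or skips the log entry is caught by subtest b.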


