Re: [Architecture] [X509 Authenticator] Certificate Revocation Verification with CRL and OCSP

Hi, On Wed, Jan 3, 2018 at 6:05 PM, Asela Pathberiya wrote: > > > On Fri, Dec 15, 2017 at 10:11 AM, Darshana Gunawardana > wrote: > >> >> >> On Fri, Dec 15, 2017 at 9:02 AM, Indunil Upeksha Rathnayake < >> indu...@wso2.com> wrote: >> >>> Hi, >>> >>> At the

Re: [Architecture] [X509 Authenticator] Certificate Revocation Verification with CRL and OCSP

Hi Indunil Created the repo, please check. On Wed, Feb 14, 2018 at 2:01 PM, Indunil Upeksha Rathnayake < indu...@wso2.com> wrote: > Hi Maheshika, > > Please use following as the parent group ID. > org.wso2.carbon.extension.identity.x509certificate.revocation > > Thanks and Regards > > On Wed,

Re: [Architecture] [X509 Authenticator] Certificate Revocation Verification with CRL and OCSP

Hi Maheshika, Please use following as the parent group ID. org.wso2.carbon.extension.identity.x509certificate.revocation Thanks and Regards On Wed, Feb 14, 2018 at 1:46 PM, Maheshika Goonetilleke wrote: > Hi Indunil > > Please provide the maven group id for this repo. > >

Re: [Architecture] [X509 Authenticator] Certificate Revocation Verification with CRL and OCSP

Hi Indunil Please provide the maven group id for this repo. On Wed, Feb 14, 2018 at 1:11 PM, Afkham Azeez wrote: > Approved > > On Feb 12, 2018 10:26 AM, "Indunil Upeksha Rathnayake" > wrote: > > Hi Maheshika, > > Can you please create a new git repository

Re: [Architecture] [X509 Authenticator] Certificate Revocation Verification with CRL and OCSP

Approved On Feb 12, 2018 10:26 AM, "Indunil Upeksha Rathnayake" wrote: Hi Maheshika, Can you please create a new git repository with the name " identity-x509-revocation" under wso2-extensions, for moving this feature implementation. Thanks and Regards On Wed, Jan 17, 2018

Re: [Architecture] [X509 Authenticator] Certificate Revocation Verification with CRL and OCSP

Adding Azeez On Mon, Feb 12, 2018 at 10:28 AM, Maheshika Goonetilleke wrote: > hi Azeez > > Please confirm. > > On Mon, Feb 12, 2018 at 10:26 AM, Indunil Upeksha Rathnayake < > indu...@wso2.com> wrote: > >> Hi Maheshika, >> >> Can you please create a new git repository with

Re: [Architecture] [X509 Authenticator] Certificate Revocation Verification with CRL and OCSP

hi Azeez Please confirm. On Mon, Feb 12, 2018 at 10:26 AM, Indunil Upeksha Rathnayake < indu...@wso2.com> wrote: > Hi Maheshika, > > Can you please create a new git repository with the name " > identity-x509-revocation" under wso2-extensions, for moving this feature > implementation. > > Thanks

Re: [Architecture] [X509 Authenticator] Certificate Revocation Verification with CRL and OCSP

Hi Maheshika, Can you please create a new git repository with the name " identity-x509-revocation" under wso2-extensions, for moving this feature implementation. Thanks and Regards On Wed, Jan 17, 2018 at 11:20 AM, Indunil Upeksha Rathnayake < indu...@wso2.com> wrote: > Hi, > > Please find the

Re: [Architecture] [X509 Authenticator] Certificate Revocation Verification with CRL and OCSP

Hi, Please find the following considerations on proceeding with the CRL/OCSP certificate validation. Appreciate your ideas and comments on this. *Store root CA and intermediate CA certificates in registry* - As per the current implementation, trust stores which are having CA certificates

Re: [Architecture] [X509 Authenticator] Certificate Revocation Verification with CRL and OCSP

Hi, On Wed, Jan 10, 2018 at 12:24 PM, Indunil Upeksha Rathnayake < indu...@wso2.com> wrote: > Hi, > > On Wed, Jan 3, 2018 at 6:05 PM, Asela Pathberiya wrote: > >> >> >> On Fri, Dec 15, 2017 at 10:11 AM, Darshana Gunawardana > > wrote: >> >>> >>> >>> On Fri,

Re: [Architecture] [X509 Authenticator] Certificate Revocation Verification with CRL and OCSP

Hi, Thanks a lot for your valuable feedbacks. Please find the current implementation details as follows. - Certificate validators can be configured in /repository/conf/security/certificate-validators.xml as follows with configured priorities. This will be added to tenant registry in

Re: [Architecture] [X509 Authenticator] Certificate Revocation Verification with CRL and OCSP

Hi Indunil, On Fri, Dec 15, 2017 at 7:32 AM, Indunil Upeksha Rathnayake < indu...@wso2.com> wrote: > Hi, > > At the time, a certificate is issued by a Certificate Authority (CA), it > is expected to be in use for its entire validity period. However, various > circumstances may cause a

Re: [Architecture] [X509 Authenticator] Certificate Revocation Verification with CRL and OCSP

On Fri, Dec 15, 2017 at 9:02 AM, Indunil Upeksha Rathnayake < indu...@wso2.com> wrote: > Hi, > > At the time, a certificate is issued by a Certificate Authority (CA), it > is expected to be in use for its entire validity period. However, various > circumstances may cause a certificate to become

Re: [Architecture] [X509 Authenticator] Certificate Revocation Verification with CRL and OCSP

Hi Indunil, On Fri, Dec 15, 2017 at 9:02 AM, Indunil Upeksha Rathnayake < indu...@wso2.com> wrote: > Hi, > > At the time, a certificate is issued by a Certificate Authority (CA), it > is expected to be in use for its entire validity period. However, various > circumstances may cause a

Re: [Architecture] [X509 Authenticator] Certificate Revocation Verification with CRL and OCSP

Hi Indunil, On Fri, Dec 15, 2017 at 9:02 AM, Indunil Upeksha Rathnayake < indu...@wso2.com> wrote: > Hi, > > At the time, a certificate is issued by a Certificate Authority (CA), it > is expected to be in use for its entire validity period. However, various > circumstances may cause a