Hi,
I found that I can not do the certificate validation because in the
checked certificate for the distribution point are associated
"onlySomeReasons":
[1]CRL Distribution Point
Distribution Point Name:
Full Name:
URL=http://crl.infonotary.com/crl/qsign-company-ca.crl
CRL Reason=Key Compromise, Affiliation Changed, Cessation of
Operation, Certificate Hold (56)
[2]CRL Distribution Point
Distribution Point Name:
Full Name:
URL=ldap://ldap.infonotary.com/dc=qsign-company-ca,dc=infonotary,dc=com
CRL Reason=Key Compromise, Affiliation Changed, Cessation of
Operation, Certificate Hold (56)
The CRL Checker in JDK6 assume that the distribution point contain
revocations for all reason codes and that conflict the certificate can
not be validated.
My question is why you assume that ALL certificates in the world MUST
contain all CRL reason codes? Is this some unwritten rule?
Best Regards,
Miroslav Nachev
begin:vcard
fn:Miroslav Nachev
n:Nachev;Miroslav
org:COSMOS Software Enterprises, Ltd.
adr:"Preki pat" str., No. 16, kv. Pavlovo;;ap. 3, fl. 1, entr. A,;Sofia;;1618;Bulgaria
email;internet:[EMAIL PROTECTED]
tel;work:(+359-2) 856-19-43
tel;cell:(+359-88) 897-31-95
url:http://www.space-comm.com
version:2.1
end:vcard
