View Issue Details

Jump to NotesJump to History
IDProjectCategoryView StatusDate SubmittedLast Update
000924710000-012: DiscoverySpecpublic2023-11-09 13:052024-05-07 15:28
ReporterBarrucand Assigned ToRandy Armstrong  
PrioritynormalSeverityminorReproducibilityhave not tried
Status closedResolutionfixed 
Product Version1.04 
Fixed in Version1.05.04 RC1 
Summary0009247: Definition of "normal integrity checks" for the ServerConfiguration.UpdateCertificate method
Description

In the push model's UpdateCertificate description, the part 12 v1.04 states that the server shall do all normal integrity checks on the Certificate and all of the issuer Certificates.
What is the definition of "normal integrity checks"? The mantis issue 0008470 seems to indicate that we should apply the validation process defined in part 4.
With the given issuers, we can check the signature on the new certificate as well as the validity period of each issuer supplied, but as the CRLs are not provided, we cannot strictly apply the validation process defined in part 4.

TagsNo tags attached.
Commit Version1.05.04 RC
Fix Due Date2024-01-30

Relationships

has duplicate 0009328 closedRandy Armstrong UpdateCertificate method has no way to include a CRL 

Activities

Randy Armstrong

2024-03-01 14:35

administrator   ~0020885

The Server shall follow the validation process defined in OPC 10000-4 on the Certificate and all of the issuer Certificates. If errors occur the Bad_SecurityChecksFailed error is returned. Note that the validation process requires that the TrustList associated with the CertificateGroup already contain the Issuer Certificates and their CRLs or that the issuers support online CRL checks.

Jim Luth

2024-05-07 15:28

administrator   ~0021165

Agreed to changes in Web meeting.

Issue History

Date Modified Username Field Change
2023-11-09 13:05 Barrucand New Issue
2023-12-06 20:42 Jim Luth Assigned To => Randy Armstrong
2023-12-06 20:42 Jim Luth Status new => assigned
2023-12-06 20:42 Jim Luth Commit Version => 1.05.04 RC
2023-12-06 20:42 Jim Luth Fix Due Date => 2024-01-30
2024-03-01 14:35 Randy Armstrong Status assigned => resolved
2024-03-01 14:35 Randy Armstrong Resolution open => fixed
2024-03-01 14:35 Randy Armstrong Note Added: 0020885
2024-03-03 09:42 Randy Armstrong Relationship added has duplicate 0009328
2024-05-07 15:28 Jim Luth Status resolved => closed
2024-05-07 15:28 Jim Luth Fixed in Version => 1.05.04 RC1
2024-05-07 15:28 Jim Luth Note Added: 0021165