View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0004703 | CTT UA Scripts | 1 - Script Issue | public | 2019-03-29 08:31 | 2024-09-26 09:40 |
Reporter | Bernd Edlinger | Assigned To | Sebastian Allmendinger | ||
Priority | normal | Severity | minor | Reproducibility | always |
Status | resolved | Resolution | fixed | ||
Summary | 0004703: inconsistency Security Certificate Validation/002.js vs. 042.js/043.js | ||||
Description | one test expects the server to return BadCertificateIssuerRevocationUnknown the other wants BadCertificateRevocationUnknown, 002.js "Connect using a client certificate signed by a CA trusted by the server where there is no revocation list available." 042.js/043.js "Connect using an (untrusted) issued certificate of a CA that has no revocation list available." | ||||
Tags | No tags attached. | ||||
Files Affected | /maintree/Security/Security Certificate Validation/Test Cases/002.js | ||||
related to | 0004704 | closed | Matthias Damm | 10000-004: Services | Certificate validation Steps - revocation lists |
|
Added a separate mantis issue to clarify what is expected with regards to revocation lists. Based on the return of that mantis issue "Bad_SecurityChecksFailed" might be added for both cases. Currently this is not listed in the spec. There is a difference between 2 and 42/43 in that there is an issuer certificate, thus the error being return does change. We are also asking for clarification as to what happens if the instance certificate is explicitly trusted which might also change what can be returned. |
|
Currently there is no Errata pushing this back to 1.04 nor 1.03. Therefore, this will only be fixed in the 1.05 version of the scripts. |
|
With the release of Errata 1.04.12, the expecation in the specification changed and therefore the test scripts have been updated. |
Date Modified | Username | Field | Change |
---|---|---|---|
2019-03-29 08:31 | Bernd Edlinger | New Issue | |
2019-03-29 14:43 | Paul Hunkar | Relationship added | related to 0004704 |
2019-03-29 15:16 | Paul Hunkar | Note Added: 0010080 | |
2019-03-29 15:16 | Paul Hunkar | Status | new => acknowledged |
2020-05-21 05:38 | Paul Hunkar | Assigned To | => Alexander Allmendinger |
2020-05-21 05:38 | Paul Hunkar | Status | acknowledged => assigned |
2022-08-02 20:04 | Paul Hunkar | Project | Compliance Test Tool (CTT) Unified Architecture => CTT UA Scripts |
2022-09-02 14:46 | Alexander Allmendinger | Note Added: 0017490 | |
2024-09-26 09:37 | Sebastian Allmendinger | Files Affected |
=> /maintree/Security/Security Certificate Validation/Test Cases/002.js
/maintree/Security/Security Certificate Validation/Test Cases/042.js /maintree/Security/Security Certificate Validation/Test Cases/043.js |
2024-09-26 09:40 | Sebastian Allmendinger | Assigned To | Alexander Allmendinger => Sebastian Allmendinger |
2024-09-26 09:40 | Sebastian Allmendinger | Status | assigned => resolved |
2024-09-26 09:40 | Sebastian Allmendinger | Resolution | open => fixed |
2024-09-26 09:40 | Sebastian Allmendinger | Note Added: 0021809 |