View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0008265 | 10000-004: Services | Spec | public | 2022-08-26 19:28 | 2024-10-01 12:57 |
Reporter | Jim Luth | Assigned To | Randy Armstrong | ||
Priority | normal | Severity | minor | Reproducibility | always |
Status | assigned | Resolution | open | ||
Product Version | 1.04 | ||||
Summary | 0008265: Missing requirement to validate Certificate Revocation List (CRL) | ||||
Description | Clause 6.1.3 is missing the requirement for actors to verify that a CRL is valid before using it (i.e. it is signed by the appropriate CA, not tampered with, not expired ...) | ||||
Additional Information | This issue was originally reported against Part 83 which has text copied from Part 4 -- see related issue. | ||||
Tags | No tags attached. | ||||
Commit Version | |||||
Fix Due Date | |||||
related to | 0008266 | acknowledged | Emanuel Kolb | Part 83: UAFX Offline Engineering | Missing requirement to validate Certificate Revocation List (CRL) |
related to | 0008250 | closed | Todd Snide | Part 83: UAFX Offline Engineering | Part 83 section 7.7.2 Table 3 Find Revocation List description needs to be improved (D. Ziegler) |
|
Randy to propose text here in the Mantis issue for Matthias to put in Part 4 |
|
The current Part 83 draft has the following wording: Revocation Check: The certificate shall not be revoked. Whether a certificate is revoked shall be checked as specified in IETF RFC 5280, 6.3. This seems correct and sufficient to me. RFC 5280, 6.3 specifies the CRL validation algorithm in detail, and this algorithm is also what existing software (such as OpenSSL and others) implements. |
Date Modified | Username | Field | Change |
---|---|---|---|
2022-08-26 19:28 | Jim Luth | New Issue | |
2022-08-26 19:29 | Jim Luth | Issue cloned: 0008266 | |
2022-08-26 19:29 | Jim Luth | Relationship added | related to 0008266 |
2022-08-30 16:57 | Jim Luth | Assigned To | => Randy Armstrong |
2022-08-30 16:57 | Jim Luth | Status | new => assigned |
2022-08-30 16:57 | Jim Luth | Note Added: 0017471 | |
2022-09-30 13:41 | Jim Luth | Relationship added | related to 0008250 |
2024-10-01 12:57 | Martin Dickopp | Note Added: 0021822 |