View Issue Details

Jump to NotesJump to History
IDProjectCategoryView StatusDate SubmittedLast Update
000826510000-004: ServicesSpecpublic2022-08-26 19:282025-03-12 18:45
ReporterJim Luth Assigned ToMatthias Damm  
PrioritynormalSeverityminorReproducibilityalways
Status closedResolutionfixed 
Product Version1.04 
Fixed in Version1.05.06 RC1 
Summary0008265: Missing requirement to validate Certificate Revocation List (CRL)
Description

Clause 6.1.3 is missing the requirement for actors to verify that a CRL is valid before using it (i.e. it is signed by the appropriate CA, not tampered with, not expired ...)

Additional Information

This issue was originally reported against Part 83 which has text copied from Part 4 -- see related issue.

TagsNo tags attached.
Commit Version
Fix Due Date

Relationships

related to 0008266 closedEmanuel Kolb Part 83: UAFX Offline Engineering Missing requirement to validate Certificate Revocation List (CRL) 
related to 0008250 closedTodd Snide Part 83: UAFX Offline Engineering Part 83 section 7.7.2 Table 3 Find Revocation List description needs to be improved (D. Ziegler) 

Activities

Jim Luth

2022-08-30 16:57

administrator   ~0017471

Randy to propose text here in the Mantis issue for Matthias to put in Part 4

Martin Dickopp

2024-10-01 12:57

reporter   ~0021822

The current Part 83 draft has the following wording:

Revocation Check: The certificate shall not be revoked. Whether a certificate is revoked shall be checked as specified in IETF RFC 5280, 6.3.

This seems correct and sufficient to me.  RFC 5280, 6.3 specifies the CRL validation algorithm in detail, and this algorithm is also what existing software (such as OpenSSL and others) implements.

Matthias Damm

2025-03-10 21:05

developer   ~0022504

Table 106 – Certificate validation steps
Revocation Check
Replaced
The Certificate has been revoked and may not be used.
With
The Certificate shall not be revoked. Whether a certificate is revoked shall be checked as specified in RFC 5280, 6.3.

Jim Luth

2025-03-12 18:45

administrator   ~0022522

Agreed to changes edited in F2F meeting.

Issue History

Date Modified Username Field Change
2022-08-26 19:28 Jim Luth New Issue
2022-08-26 19:29 Jim Luth Issue cloned: 0008266
2022-08-26 19:29 Jim Luth Relationship added related to 0008266
2022-08-30 16:57 Jim Luth Assigned To => Randy Armstrong
2022-08-30 16:57 Jim Luth Status new => assigned
2022-08-30 16:57 Jim Luth Note Added: 0017471
2022-09-30 13:41 Jim Luth Relationship added related to 0008250
2024-10-01 12:57 Martin Dickopp Note Added: 0021822
2025-03-10 21:05 Matthias Damm Assigned To Randy Armstrong => Matthias Damm
2025-03-10 21:05 Matthias Damm Status assigned => resolved
2025-03-10 21:05 Matthias Damm Resolution open => fixed
2025-03-10 21:05 Matthias Damm Fixed in Version => 1.05.06 RC1
2025-03-10 21:05 Matthias Damm Note Added: 0022504
2025-03-12 18:45 Jim Luth Status resolved => closed
2025-03-12 18:45 Jim Luth Note Added: 0022522