View Issue Details

Jump to NotesJump to History
IDProjectCategoryView StatusDate SubmittedLast Update
000952810000-003: Address SpaceSpecpublic2024-04-24 21:342024-09-10 16:17
ReporterRandy Armstrong Assigned ToRandy Armstrong  
PriorityimmediateSeveritymajorReproducibilityalways
Status closedResolutionfixed 
Product Version1.05.04 RC1 
Target Version1.05.04 RC1Fixed in Version1.05.04 
Summary0009528: 4.2 URIs: OpenSSL bug makes Tag URIs invalid as ApplicationUris
Description

The OpenSSL specification thinks the URI in a x509 has to be a valid URL and cannot deal with comma in the tag URI syntax.
We need to prohibit tag URIs as ApplicationUris or remove Tag URIs from the spec.

https://reference.opcfoundation.org/Core/Part3/v105/docs/4.2

TagsNo tags attached.
Commit Version1.05.04
Fix Due Date2024-07-15

Activities

Randy Armstrong

2024-04-25 17:18

administrator   ~0021155

OpenSSL provides an API where the elements of the SAN can be passed one at a time and this API works fine in preserving the comma in the URI.

Matthias Damm

2024-05-05 10:58

developer   ~0021159

The definition in Part 3 conflicts with the definition in Part 6

Part 6
6.2.2 Application Instance Certificate
Table 36 – Application Instance Certificate
subjectAltName
The alternate names for the application Instance.
Shall include a uniformResourceIdentifier which is equal to the applicationUri. The URI shall be a valid URL (see RFC 3986) or a valid URN (see RFC 8141).

Matthias Damm

2024-06-07 06:38

developer   ~0021263

It is right that we found another function in the OpenSSL API to create a certificate with a comma in the URI but we so far we have not found a way to create a signing request

Randy Armstrong

2024-09-09 07:39

administrator   ~0021685

Updated to used URNs instead of tags.

Added this context:

Note the URN examples do not use an existing IANA URN namespace identifier. Instead a DNS name and a date are used to ensure global uniqueness and time invariance. The date used in a URN is the date when a new URN is created and indicates that the URN was created onbehalf the owner of the domain on that date.

Jim Luth

2024-09-10 16:17

administrator   ~0021697

Agreed to changes edited in Web Meeting.

Issue History

Date Modified Username Field Change
2024-04-24 21:34 Randy Armstrong New Issue
2024-04-25 17:18 Randy Armstrong Note Added: 0021155
2024-05-05 10:58 Matthias Damm Note Added: 0021159
2024-06-07 06:38 Matthias Damm Note Added: 0021263
2024-06-18 15:46 Jim Luth Assigned To => Randy Armstrong
2024-06-18 15:46 Jim Luth Status new => assigned
2024-06-18 15:46 Jim Luth Fix Due Date => 2024-07-15
2024-06-18 17:19 Jim Luth Commit Version => 1.05.04
2024-09-09 07:39 Randy Armstrong Status assigned => resolved
2024-09-09 07:39 Randy Armstrong Resolution open => fixed
2024-09-09 07:39 Randy Armstrong Note Added: 0021685
2024-09-10 16:17 Jim Luth Status resolved => closed
2024-09-10 16:17 Jim Luth Fixed in Version => 1.05.04
2024-09-10 16:17 Jim Luth Note Added: 0021697