cxf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Andrei Shakirin (JIRA)" <j...@apache.org>
Subject [jira] [Created] (CXF-5482) XKMS: provide direct trust validator
Date Mon, 06 Jan 2014 15:03:50 GMT
Andrei Shakirin created CXF-5482:
------------------------------------

             Summary: XKMS: provide direct trust validator
                 Key: CXF-5482
                 URL: https://issues.apache.org/jira/browse/CXF-5482
             Project: CXF
          Issue Type: Improvement
            Reporter: Andrei Shakirin
            Assignee: Andrei Shakirin


Currently XKMS validate() operation checks only validity period, trusted chain and CRLs of
X509 certificate. Basically it is not necessary that certificate exists in the XKMS repository.
However, in some cases it is required that certificate itself is "known" by XKMS (direct trust).
For such cases XKMS validation request should additionally contain element <KeyUsage>http://www.w3.org/2002/03/xkms#Signature</KeyUsage>.
This element triggers direct trust validation.



--
This message was sent by Atlassian JIRA
(v6.1.5#6160)

Mime
View raw message