cxf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Andrei Shakirin (JIRA)" <j...@apache.org>
Subject [jira] [Resolved] (CXF-5482) XKMS: provide direct trust validator
Date Tue, 07 Jan 2014 15:13:51 GMT

     [ https://issues.apache.org/jira/browse/CXF-5482?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Andrei Shakirin resolved CXF-5482.
----------------------------------

       Resolution: Fixed
    Fix Version/s: 3.0.0-milestone2

> XKMS: provide direct trust validator
> ------------------------------------
>
>                 Key: CXF-5482
>                 URL: https://issues.apache.org/jira/browse/CXF-5482
>             Project: CXF
>          Issue Type: Improvement
>            Reporter: Andrei Shakirin
>            Assignee: Andrei Shakirin
>             Fix For: 3.0.0-milestone2
>
>
> Currently XKMS validate() operation checks only validity period, trusted chain and CRLs
of X509 certificate. Basically it is not necessary that certificate exists in the XKMS repository.
> However, in some cases it is required that certificate itself is "known" by XKMS (direct
trust).
> For such cases XKMS validation request should additionally contain element <KeyUsage>http://www.w3.org/2002/03/xkms#Signature</KeyUsage>.
This element triggers direct trust validation.



--
This message was sent by Atlassian JIRA
(v6.1.5#6160)

Mime
View raw message