httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 33084] New: - Optional certificate validity period check on SSLVerifyClient
Date Thu, 13 Jan 2005 16:57:15 GMT
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=33084>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=33084

           Summary: Optional certificate validity period check on
                    SSLVerifyClient
           Product: Apache httpd-2.0
           Version: 2.0-HEAD
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: enhancement
          Priority: P2
         Component: mod_ssl
        AssignedTo: bugs@httpd.apache.org
        ReportedBy: nuno.ponte@multicert.com


It would be useful to have an additional level on the SSLVerifyClient directive
to let an expired client certificate (e.g., out of it's validity period) to be
able to authenticate.

This could be used for certificate renewal services, where a user that missed to
do his certificate renewal before the expiration date, could still access to the
PKI RA/CA renewal service. As an extra feature, it would also be nice to set a
maximum period to allow the access (a "tolerance").

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org


Mime
View raw message