santuario-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Miroslav Nachev <m...@space-comm.com>
Subject How to get intermediate validation results during PKIX Certificate Path Validation
Date Wed, 14 Feb 2007 10:10:18 GMT
Hi,

For XAdES I need of additional information during PKIX Certificate Path 
Validation which exists when the debugging is enabled.
Is there any way to get these intermediate validation results?

   1. Key Checker;
   2. Constraints Checker
         - basic constraints
         - name constraints
   3. Certificate Policy Checker
   4. Basic Checker
         - timestamp
         - subject/issuer name chaining
         - signature
         - issuer
   5. OCSP Checker
           - Searching trust anchors for responder's certificate
           - connecting to OCSP service at: http://ocsp.b-trust.org
           - OCSP response: Successful
           - OCSP response type: basic
           - OCSP Responder name
           - Verified signature of OCSP Responder
           - Status of certificate (with serial number 22083) is: Good
   6. CRL Revocation Checker
           - checking revocation status;
           - Choice between CRL Distribution Points (URL) or CRL File
           - Trying to fetch CRL from DP 
http://www.b-trust.org/repository/ca3/crl/b-trust_ca3_oper.crl
           - Downloading new CRL...
           - Returning 1 CRLs
           - Verify Revocation Status: approved crls.size() = 1
           - starting the final sweep...
           - CrlRevocationChecker.verifyRevocationStatus cert SN: 22083
   7. Checking for unresolved Critical Extensions


Best Regards,
Miroslav Nachev

Mime
View raw message