Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Configuration file specifying validity periods of CA certificates #46

Open
GoogleCodeExporter opened this issue Aug 6, 2015 · 0 comments

Comments

@GoogleCodeExporter
Copy link

CA certificates may loose their validity before their "best before" date 
because of compromise, cease of operation, etc. To properly validate signatures 
using certificates issued by such CA we need to have file that can override the 
validity periods of CA certificates.

What steps will reproduce the problem?
1. Have document signed using certificate issued by DigiNotar
2. The document was timestamped by VeriSign before DigiNotar compromise

What is the expected output? What do you see instead?
Document should be considered valid. It isn't because DigiNotar can't be in 
trusted CAs.

Please provide any additional information below.

Related: issue 18 in practice, will be required for XAdES-A implementation.

Suggested file format: Trust Service List published by ETSI 
http://www.etsi.org/deliver/etsi_ts/102200_102299/102231/03.01.02_60/ts_102231v0
30102p.pdf

Original issue reported on code.google.com by [email protected] on 25 Sep 2012 at 12:52

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

2 participants