Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Configuration file specifying validity periods of CA certificates #46

Open
GoogleCodeExporter opened this issue Aug 6, 2015 · 0 comments
Open

Configuration file specifying validity periods of CA certificates #46

GoogleCodeExporter opened this issue Aug 6, 2015 · 0 comments
Labels
auto-migrated enhancement

Comments

@GoogleCodeExporter
Copy link 

CA certificates may loose their validity before their "best before" date 
because of compromise, cease of operation, etc. To properly validate signatures 
using certificates issued by such CA we need to have file that can override the 
validity periods of CA certificates.

What steps will reproduce the problem?
1. Have document signed using certificate issued by DigiNotar
2. The document was timestamped by VeriSign before DigiNotar compromise

What is the expected output? What do you see instead?
Document should be considered valid. It isn't because DigiNotar can't be in 
trusted CAs.

Please provide any additional information below.

Related: issue 18 in practice, will be required for XAdES-A implementation.

Suggested file format: Trust Service List published by ETSI 
http://www.etsi.org/deliver/etsi_ts/102200_102299/102231/03.01.02_60/ts_102231v0
30102p.pdf

Original issue reported on code.google.com by [email protected] on 25 Sep 2012 at 12:52
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
auto-migrated enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@luisgoncalves @GoogleCodeExporter