[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Non-self-signed trusted certificates in SFL 2.4

To: <imc-sfl@xxxxxxx>
Subject: Non-self-signed trusted certificates in SFL 2.4
From: "John Stark" <jas@xxxxxxxxxxxx>
Date: Fri, 16 Jul 2004 20:44:54 +0100
List-archive: <http://www.imc.org/imc-sfl/mail-archive/>
List-id: <imc-sfl.imc.org>
List-unsubscribe: <mailto:imc-sfl-request@imc.org?body=unsubscribe>
Sender: owner-imc-sfl@xxxxxxxxxxxx

Hello,

I have been testing some code that I have just ported from SFL 2.3 to 2.4.
In SFL 2.3 it was possible to use the CML to validate a certification path
from a user certificate to a trusted certificate that was not self-signed.
This did not work with SFL 2.0.1.  However, with SFL 2.4 it does not work
either.  The problem would appear to be that the CML doesn't trust the CRL
that was also signed with the non-self-signed CA certificate, and because it
doesn't trust the CRL it reports the revocation status of the user
certificate as unconfirmed.

Can anyone comment on this please?

John Stark
Tel: +44 1223 566732
Mobile: +44 7968 110628
E-mail: jas@xxxxxxxxxxxx
Web: http://www.metanate.com

Prev by Date: Encryption problem after porting from SFL 2.3 to 2.4
Previous by thread: Encryption problem after porting from SFL 2.3 to 2.4
Index(es):
- Date
- Thread