'[jira] [Resolved] (WSS-338) should set com....security.enableCRLDP when enableRevocation is true'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       woden-dev
Subject:    [jira] [Resolved] (WSS-338) should set com....security.enableCRLDP when enableRevocation is true
From:       "Freeman Fang (Resolved) (JIRA)" <jira () apache ! org>
Date:       2012-02-17 1:22:00
Message-ID: 1909987603.49167.1329441720090.JavaMail.tomcat () hel ! zones ! apache ! org
[Download RAW message or body]


     [ https://issues.apache.org/jira/browse/WSS-338?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel \
]

Freeman Fang resolved WSS-338.
------------------------------

    Resolution: Not A Problem

Per the discussion in WSS-339, this isn't a problem
                
> should set com....security.enableCRLDP when enableRevocation is true
> --------------------------------------------------------------------
> 
> Key: WSS-338
> URL: https://issues.apache.org/jira/browse/WSS-338
> Project: WSS4J
> Issue Type: Improvement
> Affects Versions: 1.6.4
> Reporter: Freeman Fang
> Assignee: Colm O hEigeartaigh
> Fix For: 1.6.5
> 
> Attachments: WSS-338.patch
> 
> 
> When we use CRL to do revocation certificate check, generally the certificates can \
> carry CRLDistributionPoints extension(which is http or ldap url), but currently we \
> can't use this CRLDistributionPoints in certificates out of the box. It would be \
> better that we can use CRLDistributionPoints out of box. Simply set \
> com.sun|ibm.security.enableCRLDP property as true when enableRevocation ensure that \
> we get chance to use the CRLDistributionPoints in certificates and no necessary to \
> specify org.apache.ws.security.crypto.merlin.x509crl.file explicitly and whatnot \
> for Crypto instance. Set this property won't affect current logic, e.g., if there \
> is no CRLDistributionPoints in certificates then it still can use the crl file \
> specified by  org.apache.ws.security.crypto.merlin.x509crl.file

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: \
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa For more \
information on JIRA, see: http://www.atlassian.com/software/jira

        

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@ws.apache.org
For additional commands, e-mail: dev-help@ws.apache.org


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic