ETSI's Bug Tracker - SECURITY | |||||
View Issue Details | |||||
ID | Project | Category | View Status | Date Submitted | Last Update |
0007300 | SECURITY | TSS&TP | public | 14-01-2016 09:08 | 13-12-2016 13:11 |
Reporter | haddads | ||||
Assigned To | Denis Filatov | ||||
Priority | normal | Severity | minor | Reproducibility | have not tried |
Status | resolved | Resolution | no change required | ||
Platform | OS | OS Version | |||
Product Version | Test_Spec_TS103096_V121 | ||||
Target Version | Next Version | Fixed in Version | |||
Summary | 0007300: [TP_SEC_ITSS_SND_CERT_02_01_BV][General remarks/questions] Testing the certificate chain | ||||
Description | Shouldn't we check (add a test?) that the chain is not longer than an upper 3 and that longer chains are rejected? As far as I know, the chains presented in the standards are always the same (root, AA, AT, cert), but can it be longer? Since validating long certification chains can be a source of attacks. If it can be longer, we should add tests with long chains (10-15 certificates, 100?). Also, I think that the test should check the validity of the entire chain, not just the one of the last certificate, e.g.: no loop, all the certificates are valid, etc.; this is not tested. | ||||
Steps To Reproduce | |||||
Additional Information | |||||
Tags | No tags attached. | ||||
Relationships | |||||
Attached Files | |||||
Issue History | |||||
Date Modified | Username | Field | Change | ||
14-01-2016 09:08 | haddads | New Issue | |||
14-01-2016 09:08 | haddads | Status | new => assigned | ||
14-01-2016 09:08 | haddads | Assigned To | => Denis Filatov | ||
14-01-2016 10:04 | Peter Felber | Note Added: 0013686 | |||
15-01-2016 15:27 | Denis Filatov | Note Added: 0013698 | |||
13-12-2016 13:11 | Denis Filatov | Note Added: 0014408 | |||
13-12-2016 13:11 | Denis Filatov | Status | assigned => resolved | ||
13-12-2016 13:11 | Denis Filatov | Resolution | open => no change required |
Notes | |||||
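The checks proposed in the description (a bound on chain length, loop rejection, validity of every certificate in the chain) sketched as an added example; it is not part of the tracker entry or of the test specification. The `Cert` model, the identifiers, the sample store and the limit of 3 are assumptions made for illustration, and signature verification is left out.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Cert:
    cert_id: str     # stand-in for the certificate digest (assumed model)
    issuer_id: str   # digest of the signer's certificate
    not_before: int  # validity window, arbitrary time units
    not_after: int

class ChainError(Exception):
    pass

def validate_chain(leaf_id, store, trusted_roots, now, max_len=3):
    """Walk from the leaf up to a trusted root and return the ids visited.

    Structural checks only: length bound, loops, validity of every link.
    The bound also caps the work done per message, whatever the store holds.
    """
    path, seen = [], set()
    current = leaf_id
    while True:
        if current in seen:
            raise ChainError(f"loop at {current}")
        if len(path) >= max_len:
            raise ChainError(f"chain longer than {max_len}")
        cert = store.get(current)
        if cert is None:
            raise ChainError(f"unknown issuer {current}")
        if not cert.not_before <= now <= cert.not_after:
            raise ChainError(f"{current} not valid at {now}")
        seen.add(current)
        path.append(current)
        if current in trusted_roots:
            return path
        current = cert.issuer_id

# Constructed sample data: one well-formed chain, a two-certificate loop,
# and a run of ten intermediates (c9 -> c8 -> ... -> c0 -> root).
STORE = {
    "root": Cert("root", "root", 0, 1000),
    "aa": Cert("aa", "root", 0, 500),
    "at": Cert("at", "aa", 100, 200),
    "loop1": Cert("loop1", "loop2", 0, 1000),
    "loop2": Cert("loop2", "loop1", 0, 1000),
}
STORE.update({f"c{i}": Cert(f"c{i}", f"c{i-1}" if i else "root", 0, 1000)
              for i in range(10)})
```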