| |
ETSI's Bug Tracker |
| Anonymous | Login | Signup for local Mantis account | 05-05-2024 11:20 IST |  |
| Main | My View | View Issues | Change Log | Roadmap | Monitor project |
| View Issue Details [ Jump to Notes ] | [ Issue History ] [ Print ] | ||||||||
| ID | Project | Category | View Status | Date Submitted | Last Update | ||||
| 0007300 | SECURITY | TSS&TP | public | 14-01-2016 09:08 | 13-12-2016 13:11 | ||||
| Reporter | haddads | ||||||||
| Assigned To | Denis Filatov | ||||||||
| Priority | normal | Severity | minor | Reproducibility | have not tried | ||||
| Status | resolved | Resolution | no change required | ||||||
| Platform | OS | OS Version | |||||||
| Product Version | Test_Spec_TS103096_V121 | ||||||||
| Target Version | Next Version | Fixed in Version | |||||||
| Summary | 0007300: [TP_SEC_ITSS_SND_CERT_02_01_BV][General remarks/questions] Testing the certifcate chain | ||||||||
| Description | Shouldn't we check (add a test?) that the chain is not longer than an upper 3 and that longer chains are rejected ? As far as I know the chain presented in the standards are always the same (root, AA, AT, cert), but can it be longer ? Since validating long certification chains can be a source of attacks. If it can be longer we should add tests with long chains (10-15 certificates, 100 ?). Also I think that the test should check the validity of the entire chain, not just the one of the last certificate e.g. : no loop, all the certificates are valid, etc; this is not tested. | ||||||||
| Tags | No tags attached. | ||||||||
| Attached Files | |||||||||
 Relationships |
|
 Relationships |
|
Notes |
|
|
(0013686) Peter Felber (developer) 14-01-2016 10:04 |
I didn't find a definition for the maximum length of certificate-chains in TS102940 or TS102941. If this is left open, we should also assume certificate chains which are longer than 3 certificates. |
|
(0013698) Denis Filatov (administrator) 15-01-2016 15:27 |
Look at the figure A.2 in TS102940: there are intermediate CAs on the picture. |
|
(0014408) Denis Filatov (administrator) 13-12-2016 13:11 |
nothing to fix |
|
Notes |
|
Issue History |
|||
| Date Modified | Username | Field | Change |
| 14-01-2016 09:08 | haddads | New Issue | |
| 14-01-2016 09:08 | haddads | Status | new => assigned |
| 14-01-2016 09:08 | haddads | Assigned To | => Denis Filatov |
| 14-01-2016 10:04 | Peter Felber | Note Added: 0013686 | |
| 15-01-2016 15:27 | Denis Filatov | Note Added: 0013698 | |
| 13-12-2016 13:11 | Denis Filatov | Note Added: 0014408 | |
| 13-12-2016 13:11 | Denis Filatov | Status | assigned => resolved |
| 13-12-2016 13:11 | Denis Filatov | Resolution | open => no change required |
|
Issue History |
| MantisBT 1.2.14 [^] Copyright © 2000 - 2024 MantisBT Team |
 |