ETSI's Bug Tracker |
Anonymous | Login | Signup for local Mantis account | 05-05-2024 11:20 IST |
Main | My View | View Issues | Change Log | Roadmap | Monitor project |
View Issue Details [ Jump to Notes ] | [ Issue History ] [ Print ] | ||||||||
ID | Project | Category | View Status | Date Submitted | Last Update | ||||
0007300 | SECURITY | TSS&TP | public | 14-01-2016 09:08 | 13-12-2016 13:11 | ||||
Reporter | haddads | ||||||||
Assigned To | Denis Filatov | ||||||||
Priority | normal | Severity | minor | Reproducibility | have not tried | ||||
Status | resolved | Resolution | no change required | ||||||
Platform | OS | OS Version | |||||||
Product Version | Test_Spec_TS103096_V121 | ||||||||
Target Version | Next Version | Fixed in Version | |||||||
Summary | 0007300: [TP_SEC_ITSS_SND_CERT_02_01_BV][General remarks/questions] Testing the certifcate chain | ||||||||
Description | Shouldn't we check (add a test?) that the chain is not longer than an upper 3 and that longer chains are rejected ? As far as I know the chain presented in the standards are always the same (root, AA, AT, cert), but can it be longer ? Since validating long certification chains can be a source of attacks. If it can be longer we should add tests with long chains (10-15 certificates, 100 ?). Also I think that the test should check the validity of the entire chain, not just the one of the last certificate e.g. : no loop, all the certificates are valid, etc; this is not tested. | ||||||||
Tags | No tags attached. | ||||||||
Attached Files | |||||||||
Notes | |
(0013686) Peter Felber (developer) 14-01-2016 10:04 |
I didn't find a definition for the maximum length of certificate-chains in TS102940 or TS102941. If this is left open, we should also assume certificate chains which are longer than 3 certificates. |
(0013698) Denis Filatov (administrator) 15-01-2016 15:27 |
Look at the figure A.2 in TS102940: there are intermediate CAs on the picture. |
(0014408) Denis Filatov (administrator) 13-12-2016 13:11 |
nothing to fix |
Issue History | |||
Date Modified | Username | Field | Change |
14-01-2016 09:08 | haddads | New Issue | |
14-01-2016 09:08 | haddads | Status | new => assigned |
14-01-2016 09:08 | haddads | Assigned To | => Denis Filatov |
14-01-2016 10:04 | Peter Felber | Note Added: 0013686 | |
15-01-2016 15:27 | Denis Filatov | Note Added: 0013698 | |
13-12-2016 13:11 | Denis Filatov | Note Added: 0014408 | |
13-12-2016 13:11 | Denis Filatov | Status | assigned => resolved |
13-12-2016 13:11 | Denis Filatov | Resolution | open => no change required |
MantisBT 1.2.14 [^] Copyright © 2000 - 2024 MantisBT Team |