ETSI's Bug Tracker |
Anonymous | Login | Signup for local Mantis account | 17-05-2024 15:58 IST |
Main | My View | View Issues | Change Log | Roadmap | Monitor project |
View Issue Details [ Jump to Notes ] | [ Issue History ] [ Print ] | ||||||||||||
ID | Project | Category | View Status | Date Submitted | Last Update | ||||||||
0007407 | SECURITY | TSS&TP | public | 12-02-2016 14:21 | 24-02-2016 12:53 | ||||||||
Reporter | Peter Felber | ||||||||||||
Assigned To | Denis Filatov | ||||||||||||
Priority | normal | Severity | minor | Reproducibility | have not tried | ||||||||
Status | feedback | Resolution | open | ||||||||||
Platform | OS | OS Version | |||||||||||
Product Version | Test_Spec_TS103096_V121 | ||||||||||||
Target Version | Test_Spec_TS103096_V121 | Fixed in Version | |||||||||||
Summary | 0007407: Add TP to check whether certificate includes validityrestriction of type region of invalid type | ||||||||||||
Description | Summary: Check that IUT discards a SecuredMessage if it includes ValidityRestrictions of type region of invalid type Reference: ETSI TS 103 097 [1], clause 4.2.21 PICS Selection: PICS_GN_SECURITY Expected behaviour: with the IUT being in the 'authorized' state ensure that when the IUT is receiving a SecuredMessage containing header_fields ['signer_info'] containing signer containing type indicating 'certificate' containing validity_restrictions['Region'] containing type indicating (5, 239, 240 ,255) then the IUT discards the message | ||||||||||||
Tags | No tags attached. | ||||||||||||
Attached Files | |||||||||||||
Notes | |
(0013865) Denis Filatov (administrator) 24-02-2016 12:48 |
0007407 Check that IUT discards a SecuredMessage if the reserved region type has been used in region validity restriction of the AT certificate A /branches/STF507/requality/TS103096/root/Requirements/SEC_ITSS/SEC_ITSS_RCV/SEC_ITSS_RCV_CERT/SEC_ITSS_RCV_CERT_19 [^] A /branches/STF507/requality/TS103096/root/Requirements/SEC_ITSS/SEC_ITSS_RCV/SEC_ITSS_RCV_CERT/SEC_ITSS_RCV_CERT_19/TP_SEC_ITSS_RCV_CERT_19_01_BO.json [^] A /branches/STF507/requality/TS103096/root/Requirements/SEC_ITSS/SEC_ITSS_RCV/SEC_ITSS_RCV_CERT/SEC_ITSS_RCV_CERT_19.json [^] |
(0013866) Denis Filatov (administrator) 24-02-2016 12:53 |
There is no restriction in the spec to limit region type to already specified values, only restriction of use some reserved types. I think this is the inconsistance in the spec: it is impossible to compare unknown regions. So from the security point of view, the TP proposal is correct but I can not put it to the test suite because it is not conformed to the specification. Do we have to make a change request to the base spec? |
Issue History | |||
Date Modified | Username | Field | Change |
12-02-2016 14:21 | Peter Felber | New Issue | |
12-02-2016 14:21 | Peter Felber | Status | new => assigned |
12-02-2016 14:21 | Peter Felber | Assigned To | => Denis Filatov |
24-02-2016 12:48 | Denis Filatov | Checkin | |
24-02-2016 12:48 | Denis Filatov | Note Added: 0013865 | |
24-02-2016 12:53 | Denis Filatov | Note Added: 0013866 | |
24-02-2016 12:53 | Denis Filatov | Status | assigned => feedback |
MantisBT 1.2.14 [^] Copyright © 2000 - 2024 MantisBT Team |