You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@ws.apache.org by coyotesqrl <gi...@git.apache.org> on 2017/08/04 15:25:28 UTC

[GitHub] wss4j pull request #6: WSS-611 Fixes logic for extracting NameConstraint inf...

GitHub user coyotesqrl opened a pull request:

    https://github.com/apache/wss4j/pull/6

    WSS-611 Fixes logic for extracting NameConstraint information from a cert

    - Adds a new property so users can affirm that their cert provider can handle TrustAnchors with NameConstraints added and updates the Merlin and MerlinAKI crypto implementations to respect that and either add the NameConstraints or set them to null.
    - Updates the CertificateStore crypto implementation to correctly handle certificate chains.
    Note that this change does not allow for conditional inclusion of NameConstraints on TrustAnchors for the CertificateStore crypto implementation. There are several outstanding issues with that implementation still remaining after this update.

You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/coyotesqrl/wss4j WSS-611

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/wss4j/pull/6.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #6
    
----
commit b74d8c60da560039e63e818efe80d4afa3120e11
Author: Richard A. Porter <ri...@connexta.com>
Date:   2017-08-03T20:52:41Z

    WSS-611 Fixes logic for extracting NameConstraint information from a cert.
    
    Adds a new property so users can affirm that their cert provider can handle TrustAnchors with NameConstraints added and updates the Merlin and MerlinAKI crypto implementations to respect that and either add the NameConstraints or set them to null.
    Updates the CertificateStore crypto implementation to correctly handle certificate chains.
    Note that this change does not allow for conditional inclusion of NameConstraints on TrustAnchors for the CertificateStore crypto implementation. There are several outstanding issues with that implementation still remaining after this update.

----


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@ws.apache.org
For additional commands, e-mail: dev-help@ws.apache.org

[GitHub] wss4j pull request #6: WSS-611 Fixes logic for extracting NameConstraint inf...

Posted by asfgit <gi...@git.apache.org>.

Github user asfgit closed the pull request at:

    https://github.com/apache/wss4j/pull/6


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@ws.apache.org
For additional commands, e-mail: dev-help@ws.apache.org