You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@pdfbox.apache.org by "ASF subversion and git services (JIRA)" <ji...@apache.org> on 2018/11/16 18:26:00 UTC
[jira] [Commented] (PDFBOX-4381) Revocation CRL check should be
done at signing time in AddValidation example
[ https://issues.apache.org/jira/browse/PDFBOX-4381?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16689811#comment-16689811 ]
ASF subversion and git services commented on PDFBOX-4381:
---------------------------------------------------------
Commit 1846738 from tilman@apache.org in branch 'pdfbox/trunk'
[ https://svn.apache.org/r1846738 ]
PDFBOX-4381: perform CRL check for revocation at signing time + refactor
> Revocation CRL check should be done at signing time in AddValidation example
> ----------------------------------------------------------------------------
>
> Key: PDFBOX-4381
> URL: https://issues.apache.org/jira/browse/PDFBOX-4381
> Project: PDFBox
> Issue Type: Bug
> Components: Signing
> Affects Versions: 2.0.12
> Reporter: Tilman Hausherr
> Assignee: Tilman Hausherr
> Priority: Major
> Fix For: 2.0.13, 3.0.0 PDFBox
>
>
> {{crl.isRevoked(cert)}} in CRLHelper.java is not correct, a certificate could have been valid at signing time and be invalidated later, e.g. when an employee signs, but loses his card at the after-signing-party. The correct way to do it is in {{CRLVerifier.verifyCertificateCRLs()}}.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@pdfbox.apache.org
For additional commands, e-mail: dev-help@pdfbox.apache.org