You are viewing a plain text version of this content. The canonical link for it is here.

Posted to tsik-dev@ws.apache.org by "Santhanakrishnan, Gopikrishna" <gs...@verisign.com> on 2006/03/14 22:18:13 UTC

TSIK TrustVerifier timestamp support

Hi
 
I have the attached enhancement (source and diff to base)  to TSIK API
to support timestamp based trust verification to achieve the following
needs:
 
*  Whether the Certificate used in XML Signature was valid at the time
of signing?
*  Whether the CRL was revoked at the time of signing?
 
I have taken liberty to design with the following method to
TrustVerifier interface 
    void verifyTrust(X509Certificate[] chain, Date date) throws
TrustVerificationException
 
And added implementation for this metho for all TrustVerifiers
especially X509TrustVerifier and CRLTrustVerifier to achieve the above
requirements.
 
Please provide your inputs.
 
Thanks 
Gopi