7182500 OCSP revocation checking fails if OCSP response does not contain certificates
Xuelei Fan
xuelei.fan at oracle.com
Wed Jul 11 01:40:39 UTC 2012
Looks fine to me.
Xuelei
On 7/11/2012 4:34 AM, Vincent Ryan wrote:
> Hello,
>
> Please review the following changeset for JDK 7u6:
> http://cr.openjdk.java.net/~vinnie/7182500/
>
> The bug report is at:
> http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=7182500
>
> The error occurs when an OCSP responder opts not to return the signing
> certificate used in an OCSP response. The fix is to set the default
> signer cert to be the cert of the issuer of the cert being validated.
>
> This fix addresses a regression in the OCSP client which was introduced
> in my fix for CR 7168191
> (http://hg.openjdk.java.net/jdk7u/jdk7u6-dev/jdk/rev/52ab0f489dab).
>
> Thanks.
More information about the security-dev
mailing list