7182500 OCSP revocation checking fails if OCSP response does not contain certificates
Vincent Ryan
vincent.x.ryan at oracle.com
Wed Jul 11 10:55:43 UTC 2012
Thanks Xuelei.
On 07/11/12 02:40 AM, Xuelei Fan wrote:
> Looks fine to me.
>
> Xuelei
>
> On 7/11/2012 4:34 AM, Vincent Ryan wrote:
>> Hello,
>>
>> Please review the following changeset for JDK 7u6:
>> http://cr.openjdk.java.net/~vinnie/7182500/
>>
>> The bug report is at:
>> http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=7182500
>>
>> The error occurs when an OCSP responder opts not to return the signing
>> certificate used in an OCSP response. The fix is to set the default
>> signer cert to be the cert of the issuer of the cert being validated.
>>
>> This fix addresses a regression in the OCSP client which was introduced
>> in my fix for CR 7168191
>> (http://hg.openjdk.java.net/jdk7u/jdk7u6-dev/jdk/rev/52ab0f489dab).
>>
>> Thanks.
>
>
More information about the security-dev
mailing list