Integrated: 8277246: Check for NonRepudiation as well when validating a TSA certificate

Weijun Wang weijun at openjdk.java.net
Wed Nov 17 20:07:48 UTC 2021


On Tue, 16 Nov 2021 19:36:11 GMT, Weijun Wang <weijun at openjdk.org> wrote:

> There is no need to check for the KeyUsage extension when validating a TSA certificate.
> 
> A test is modified where a TSA cert has a KeyUsage but without the DigitalSignature bit.

This pull request has now been integrated.

Changeset: 262d0700
Author:    Weijun Wang <weijun at openjdk.org>
URL:       https://git.openjdk.java.net/jdk/commit/262d07001babcbe7f9acd2053aa3b7bac304cf85
Stats:     6 lines in 2 files changed: 3 ins; 0 del; 3 mod

8277246: Check for NonRepudiation as well when validating a TSA certificate

Reviewed-by: xuelei, mullan

-------------

PR: https://git.openjdk.java.net/jdk/pull/6416


More information about the security-dev mailing list