United StatesChange Country, Oracle Worldwide Web Sites Communities I am a... I want to...
Bug ID: JDK-8004846 Time-specific certpath validation applies to OCSP response validity period
JDK-8004846 : Time-specific certpath validation applies to OCSP response validity period

Details
Type:
Bug
Submit Date:
2012-12-11
Status:
Closed
Updated Date:
2013-07-19
Project Name:
JDK
Resolved Date:
2012-12-20
Component:
security-libs
OS:
Sub-Component:
Empty
CPU:
Priority:
P3
Resolution:
Fixed
Affected Versions:
7u10
Fixed Versions:
7u40 (b08)

Related Reports
Backport:
Relates:

Sub Tasks

Description
PKIX certpath validation is normally performed using the current time.
It may also be requested to be performed at a specific time.

When validating a certpath using a specified time then the OCSP response
shall be checked using that time, rather than using the current time.

Specifically, the specified time should be used when validating the 
OCSP response's thisUpdate and nextUpdate, rather than the current time.

                                    

Comments
URL:   http://hg.openjdk.java.net/jdk7u/jdk7u-dev/jdk/rev/0dfac9343651
User:  vinnie
Date:  2012-12-20 18:34:03 +0000

                                     
2012-12-20
URL:   http://hg.openjdk.java.net/jdk7u/jdk7u/jdk/rev/0dfac9343651
User:  lana
Date:  2012-12-28 18:30:44 +0000

                                     
2012-12-28
Verified by java/security/cert/CertPathValidator/OCSP/ValidateUsingOCSPCache.java test on 7u40 b32
                                     
2013-07-05



Hardware and Software, Engineered to Work Together