mace-opensaml-users - Should SignatureValidator validate whether a certificate is expired or active?
Subject: OpenSAML user discussion
List archive
- From:
- To:
- Subject: Should SignatureValidator validate whether a certificate is expired or active?
- Date: Wed, 1 Jul 2009 12:59:06 -0400 (EDT)
While testing we found that the SignatureValidator.validate method indicated
that a saml a signature was valid using an expired certificate. Is this
appropriate behavior or should the validate method also validate the
certificate?
Is there some other place that the certificate is validated? We have a very
simple implementation and are not using a trust engine.
Its not a big deal as we've added code to check the validity of the
certificate before validating the signature. I'm just wondering if this is a
bug or by design?
Thanks.
- Should SignatureValidator validate whether a certificate is expired or active?, bryn . ryans, 07/01/2009
- Re: [OpenSAML] Should SignatureValidator validate whether a certificate is expired or active?, Chad La Joie, 07/01/2009
- RE: [OpenSAML] Should SignatureValidator validate whether a certificate is expired or active?, Bryn Ryans, 07/01/2009
- Re: [OpenSAML] Should SignatureValidator validate whether a certificate is expired or active?, Chad La Joie, 07/01/2009
Archive powered by MHonArc 2.6.16.