Bug 62548 - Prevent duplicate certificates in one trust input path
Summary: Prevent duplicate certificates in one trust input path
Status: RESOLVED FIXED
Alias: None
Product: p11-glue
Classification: Unclassified
Component: p11-kit (show other bugs)
Version: unspecified
Hardware: Other All
: medium normal
Assignee: Stef Walter
QA Contact:
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2013-03-20 08:06 UTC by Stef Walter
Modified: 2013-03-20 15:24 UTC (History)
2 users (show)

See Also:
i915 platform:
i915 features:

Attachments
trust: Predictable behavior with duplicate certificates in token (9.49 KB, patch)
2013-03-20 15:22 UTC, Stef Walter 		Details | Splinter Review
View All

Description Stef Walter 2013-03-20 08:06:58 UTC 
We should prevent duplicate cetrificates coming in on one trust input path. This leads to unreliable behavior. In addition to warning about it we should only allow one certificate to be loaded. We prioritize as follows:

 * Blacklisted certificate
 * Anchor certificate
 * Other certificate
Comment 1 Stef Walter 2013-03-20 15:22:48 UTC 
Created attachment 76825 [details] [review]
trust: Predictable behavior with duplicate certificates in token
Comment 2 Stef Walter 2013-03-20 15:24:04 UTC 
Attachment 76825 [details] pushed as 0ecabc8 - trust: Predictable behavior with duplicate certificates in token

Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.