To comment on the following update, log in, then open the issue: http://www.openoffice.org/issues/show_bug.cgi?id=54279 Issue #:|54279 Summary:|SecurityEnvironment::verify returns unnessicaryly |INVALID Component:|xml Version:|680m125 Platform:|All URL:| OS/Version:|Windows XP Status:|NEW Status whiteboard:| Keywords:| Resolution:| Issue type:|DEFECT Priority:|P3 Subcomponent:|code Assigned to:|mt Reported by:|jl
------- Additional comments from [EMAIL PROTECTED] Tue Sep 6 09:23:37 -0700 2005 ------- The service com::sun::star::xml::crypto::SecurityEnvironment can be used to verify certificates. Verification of a certificate can return a combination of these values: com::sun::star::security::CertificateValidity::INVALID com::sun::star::security::CertificateValidity::UNKNOWN_REVOKATION When one examines the certificate in the internet options dialog then the certificate and its root certificate are displayed as valid. The reason for this return value is a mapping from the platform dependent error code: CERT_TRUST_REVOCATION_STATUS_UNKNOWN I suppose that this is the result of a missing Certificate Distribution Point extension in the certificates. The Windows certificate dialog seems to ignore this. I propose to change the service so that CERT_TRUST_REVOCATION_STATUS_UNKNOWN does not result in returning CertificateValidity::Invalid. So that the calling application can decide if it regards the certificate as trustworthy. I've found a good article about the certificate handling in Windows: http://www.microsoft.com/technet/security/topics/cryptographyetc/tshtcrl.mspx?#i --------------------------------------------------------------------- Please do not reply to this automatically generated notification from Issue Tracker. Please log onto the website and enter your comments. http://qa.openoffice.org/issue_handling/project_issues.html#notification --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]