VOMS Java APIs authorityKeyIdentifier AC extension validation is not aligned with C/C++ VOMS APIs

XMLWordPrintable

    • Type: Bug
    • Resolution: Fixed
    • Priority: Major
    • VOMS-1020
    • Affects Version/s: VOMS API Java v. 3.2.0
    • Component/s: api-java
    • Security Level: Public (Visbile by non-authn users.)
    • None

      The authorityKeyIdentifier extension validation is not aligned with VOMS native APIs behavior. Currently, the Java APIs only validates the extension criticality.

      The API should instead check that the AuthorityKeyIdentifier extension is consistent with the VOMS attribute authority certificate that is used to sign the AC.

      The API also provides a buggy encoding of the AuthorityKeyIdentifier, since it embeds the extension extracted from the VOMS AA certificate in the AC.

            Assignee:
            Unassigned
            Reporter:
            Andrea Ceccanti
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated:
              Resolved: