[PDFBOX-4381] Revocation CRL check should be done at signing time in AddValidation example - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 2.0.12
Fix Version/s: 2.0.13, 3.0.0 PDFBox
Component/s: Signing
Labels:
None

Description

crl.isRevoked(cert) in CRLHelper.java is not correct, a certificate could have been valid at signing time and be invalidated later, e.g. when an employee signs, but loses his card at the after-signing-party. The correct way to do it is in CRLVerifier.verifyCertificateCRLs().

Attachments

Activity

People

Assignee:: Tilman Hausherr

Reporter:: Tilman Hausherr

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 16/Nov/18 17:47

Updated:: 02/Dec/18 17:06

Resolved:: 16/Nov/18 18:51