Loading...

XML

Word

Printable

Type: Bug
Resolution: Fixed
Priority: P2
Fix Version/s: 7
Affects Version/s: 7
Component/s: security-libs
Labels:
- verify-pit

Subcomponent:
java.security
Introduced In Build:
b05
Introduced In Version:

6u21
Resolved In Build:
b100
CPU:

generic
OS:

generic
Verification:
Verified

Issue	Fix Version	Assignee	Priority	Status	Resolution	Resolved In Build
JDK-2194316	6u21	Weijun Wang	P2	Resolved	Fixed	b06
JDK-2194455	OpenJDK6	Weijun Wang	P2	Resolved	Fixed	b20

Fix for 6948803 breaks PKIXValidator, it checks if the head of a input chain using a Map<X500Principal,Cert>. If there are multiple trust anchors with the same dn, this map is not complete. In this case, a trust anchor might be checked as an intermediate CA. Since the check for an intermediate CA is much more restrictive, some valid chains are rejected.

backported by

JDK-2194316 regression: PKIXValidator fails when multiple trust anchors have same dn

Resolved

JDK-2194455 regression: PKIXValidator fails when multiple trust anchors have same dn

Resolved

relates to

JDK-2193255 CertPath validation regression caused by SHA1 replacement root and MD2 disable feature

Resolved

Assignee:: Weijun Wang

Reporter:: Weijun Wang

Votes:: 0 Vote for this issue

Watchers:: 0 Start watching this issue

Created:: 2010-06-05 19:10

Updated:: 2011-03-07 15:30

Resolved:: 2011-03-07 15:30

Imported:: 16/Sep/12 2:25 AM

Indexed:: 17/Jul/12 10:25 PM

Details

Backports

Description

Attachments

Issue Links

Activity

People

Dates