Opened 2 years ago

Last modified 2 years ago

#2035 accepted defect

Ensure excess data in key certs is rejected

Reported by: zzz Owned by: zzz
Priority: major Milestone: 0.9.32
Component: api/general Version: 0.9.31
Keywords: Cc: str4d
Parent Tickets: Sensitive: no

Description

As raised by orignal. According to str4d, based on a code inspection, it is not. To be verified via testing.

Subtickets

Change History (3)

comment:1 Changed 2 years ago by zzz

Status: newaccepted

Also update common structures spec to emphasize this.

comment:2 Changed 2 years ago by zzz

Partial fix in 8374318b8b49df7f47dfa0d2653413ceccab9b52 0.9.31-2. Not clear how to do it for crypto data in key certs, or for non-key certs, without affecting future upward compatibility.

comment:3 Changed 2 years ago by zzz

Note: See TracTickets for help on using tickets.