View Issue Details
|ID||Project||Category||View Status||Date Submitted||Last Update|
|0001026||Main CAcert Website||certificate issuing||public||2012-03-24 07:50||2013-02-12 21:45|
|Priority||normal||Severity||minor||Reproducibility||have not tried|
|Summary||0001026: Server Certificate was revoked but not by the user|
|Description||According to Ticket s20120322.119 a user reported that one of his server certificates with a expiration date 2013-01-28 16:16:19 was revoked on 2012-03-20 01:21:35.|
The user reports that he did not revoke the certificate himself.
|Tags||No tags attached.|
|related to||0000773||closed||BenBE||No confirmation of revocation of server certificate|
|related to||0001025||needs work||NEOatNHNG||Domain Dispute strange behaviour / Domain Dispute issue|
|related to||0000935||new||Pending of client certificates with an email address contains a special character|
|related to||0000922||closed||NEOatNHNG||CAcert application code problem causing missing "certificate about to expire" messages|
|related to||0000774||new||No e-mail conformation when revoking org client certificate|
|related to||0000483||closed||INOPIAE||Please send more verbose emails concerning certificate revocation|
|related to||0000429||new||Multiple server certificate renewals deleted a certificate|
|related to||0000448||closed||NEOatNHNG||when revoking a certificate, confusing info is given to the user|
|related to||0000893||closed||INOPIAE||Extend Delete account feature for support|
This case was handled under Arbitration a20120324.1
Discovery process revealed no security leak.
User removed a domain with a link to a multiple SAN's (10 in total) server certificate.
On domain removal the system automaticly triggers a revoke server certificates process that will revoke all affected server certs. In case of a multiple SAN certificate this becomes inforseeable as only the main CN will be visible in the server certs overview list.
Its now upto the Software team, to find a solution to advance the server certs overview to list all related domains that are affected by a domain removal or to add a page in the delete domain process that lists all affected server certificates and requests a confirmation by the user who triggered the delete domain process:
=> This is the list of all affected server certificates that are affected by your delete domain request:
Do you want to proceed with the delete domain process?
||In addition the multi-domain check needs to be implented in the Dispute Domain routine.|
|2012-03-24 07:50||INOPIAE||New Issue|
|2012-04-15 17:33||Uli60||Note Added: 0002929|
|2012-04-15 17:33||Uli60||Assigned To||=> Uli60|
|2012-04-15 17:33||Uli60||Status||new => needs feedback|
|2012-12-22 20:31||Werner Dworak||Relationship added||related to 0000773|
|2012-12-22 20:33||Werner Dworak||Relationship added||related to 0001025|
|2012-12-22 20:43||Werner Dworak||Relationship added||related to 0000935|
|2012-12-22 20:46||Werner Dworak||Relationship added||related to 0000922|
|2012-12-22 20:49||Werner Dworak||Relationship added||related to 0000774|
|2012-12-22 20:52||Werner Dworak||Relationship added||related to 0000483|
|2012-12-22 20:53||Werner Dworak||Relationship added||related to 0000429|
|2012-12-22 20:54||Werner Dworak||Relationship added||related to 0000448|
|2013-01-19 07:51||INOPIAE||Note Added: 0003707|
|2013-01-19 07:51||INOPIAE||Status||needs feedback => needs work|
|2013-02-12 21:45||Uli60||Relationship added||related to 0000893|