View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0000448 | Main CAcert Website | certificate issuing | public | 2007-08-20 18:23 | 2014-06-29 10:22 |
| Reporter | cardoe | Assigned To | NEOatNHNG | ||
| Priority | low | Severity | tweak | Reproducibility | always |
| Status | closed | Resolution | fixed | ||
| Product Version | 2007 | ||||
| Target Version | 2014 Q1 | Fixed in Version | 2014 Q1 | ||
| Summary | 0000448: when revoking a certificate, confusing info is given to the user | ||||
| Description | I talked with sourcerer on IRC about this. Basically when you revoke a certificate, it's revoked immediately but not added to the CRL. This in between time results in 1970-01-01 10:00:01 being displayed as the date/time for the revoke. This is technically incorrect and if the user gets the CRL at this time it doesn't include the just revoked certs. So it's confusing to the user since there is no indication as to what's going on.. sourcerer suggested and I think it would help if the following was changed. <sourcerer> Yes, changing the message from "The certificate has been revoked" to "The certificate has been revoked. It will be added to the CertificateRevocationList (CRL) soon." Also on the web interface possibly changing the 1970 date/time to "pending". | ||||
| Tags | No tags attached. | ||||
| Reviewed by | NEOatNHNG, BenBE | ||||
| Test Instructions | |||||
| related to | 0001113 | needs work | BenBE | Change english textes according to the wiki page https://wiki.cacert.org/Software/TranslationMisspelling |
| related to | 0001026 | needs work | Uli60 | Server Certificate was revoked but not by the user |
|
|
Has been entered in list of bug 1113 in https://wiki.cacert.org/Software/TranslationMisspelling. |
|
|
I pushed a fix to https://github.com/INOPIAE/CAcert/tree/bug-448 test scenario: Just revoke all kind of certificates and look at the success message. |
|
|
I revoked a valid client certificate and got: "Now revoking the following certificates: Certificate for 'KatziAdmin@cacert.org' with the serial no '4E9A' has been revoked. All listed certificates will be added to the Certificate Revocation List (CRL) soon." -> ok I revoked an expired client certificate and got the same kind of message. -> ok Both certificates were marked as revoked in the certificate list afterwards. -> ok I revoked an expired server certificate and got the same kind of message. It was displayed as revoked in the certificate list afterwards. -> ok I revoked an expired org server certificate and got the same kind of message. It was displayed as revoked in the certificate list afterwards. -> ok I revoked an expired org client certificate and got the same kind of message. It was displayed as revoked in the certificate list afterwards. -> ok => ok |
|
|
I revoked a valid client certificate and got: Die folgenden Zertifikate werden jetzt widerrufen: Certificate for 'obelix@acme.com' with the serial no '4EAC' has been revoked. All listed certificates will be added to the Certificate Revocation List (CRL) soon. -> ok expired client certificate same kind of message -> ok Both certificates were marked as revoked in the certificate list afterwards. -> ok -> ok |
|
|
As there areat least two successful tests please review. |
|
|
Minor change: inlined static string instead of mangling it through printf(). Please make a short test and second review. |
|
|
I did the same tests as above again. There was no change in the behavior compared to above test. => ok |
|
|
Follow up patch from BenBE for XSS prevention. Still OK. Please test. |
|
|
Some minor issue in the patch had to be fixed. Otherwise the patch was OK. Review OK. |
|
|
I tried it again with client certificates, with the same result. Since the last changes should not affect anything visible did not test the others, again. => ok |
|
|
I revoked 3 certificates at the same time. For each certificates the information email address and serial no were given. => ok |
|
|
At least two tester tested successful. Ready to deploy. |
|
|
Mail sent to critical admins. |
|
|
The fix has been installed on the production server on March 24, 2014. See also: https://lists.cacert.org/wws/arc/cacert-systemlog/2014-03/msg00012.html |
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2007-08-20 18:23 | cardoe | New Issue | |
| 2007-10-24 04:13 | evaldo | Priority | normal => low |
| 2007-10-24 04:13 | evaldo | Status | new => confirmed |
| 2007-10-24 04:13 | evaldo | Projection | none => tweak |
| 2012-12-22 20:54 | Werner Dworak | Relationship added | related to 0001026 |
| 2013-01-10 14:45 | Werner Dworak | Note Added: 0003635 | |
| 2013-01-10 14:45 | Werner Dworak | Status | confirmed => needs work |
| 2013-01-10 14:45 | Werner Dworak | Relationship added | related to 0001113 |
| 2013-01-10 14:55 | Werner Dworak | Note Edited: 0003635 | |
| 2014-01-26 16:53 | INOPIAE | Note Added: 0004538 | |
| 2014-01-26 16:53 | INOPIAE | Assigned To | => BenBE |
| 2014-01-26 16:53 | INOPIAE | Status | needs work => fix available |
| 2014-01-28 20:27 | BenBE | Reviewed by | => BenBE |
| 2014-01-28 20:27 | BenBE | Assigned To | BenBE => NEOatNHNG |
| 2014-01-28 20:27 | BenBE | Status | fix available => needs review & testing |
| 2014-01-28 20:27 | BenBE | Product Version | => 2007 |
| 2014-01-28 20:27 | BenBE | Target Version | => 2014 Q1 |
| 2014-01-28 20:50 | BenBE | Source_changeset_attached | => cacert-devel testserver-stable e6ed6581 |
| 2014-01-28 20:50 | INOPIAE | Source_changeset_attached | => cacert-devel testserver-stable 0a3e593b |
| 2014-01-28 22:26 | Eva | Note Added: 0004549 | |
| 2014-02-18 21:42 | MartinGummi | Note Added: 0004590 | |
| 2014-02-18 22:00 | INOPIAE | Note Added: 0004591 | |
| 2014-02-18 22:00 | INOPIAE | Status | needs review & testing => needs review |
| 2014-02-25 22:15 | NEOatNHNG | Source_changeset_attached | => cacert-devel testserver-stable 2bc1cb6a |
| 2014-02-25 22:15 | NEOatNHNG | Source_changeset_attached | => cacert-devel testserver-stable aad62613 |
| 2014-02-25 22:24 | NEOatNHNG | Reviewed by | BenBE => NEOatNHNG |
| 2014-02-25 22:24 | NEOatNHNG | Note Added: 0004608 | |
| 2014-02-25 22:24 | NEOatNHNG | Status | needs review => needs review & testing |
| 2014-02-25 22:34 | Eva | Note Added: 0004609 | |
| 2014-03-11 22:15 | NEOatNHNG | Source_changeset_attached | => cacert-devel testserver-stable c19594ae |
| 2014-03-11 22:15 | BenBE | Source_changeset_attached | => cacert-devel testserver-stable 8ac27d6e |
| 2014-03-11 22:15 | NEOatNHNG | Note Added: 0004628 | |
| 2014-03-11 22:17 | BenBE | Note Added: 0004629 | |
| 2014-03-11 22:18 | BenBE | Reviewed by | NEOatNHNG => NEOatNHNG, BenBE |
| 2014-03-11 22:18 | BenBE | Status | needs review & testing => needs testing |
| 2014-03-11 22:34 | Eva | Note Added: 0004631 | |
| 2014-03-18 22:55 | INOPIAE | Note Added: 0004657 | |
| 2014-03-18 22:56 | INOPIAE | Note Added: 0004658 | |
| 2014-03-18 22:56 | INOPIAE | Status | needs testing => ready to deploy |
| 2014-03-21 18:12 | NEOatNHNG | Note Added: 0004672 | |
| 2014-03-21 18:15 | NEOatNHNG | Source_changeset_attached | => cacert-devel release 0d791f45 |
| 2014-03-24 11:46 | wytze | Note Added: 0004681 | |
| 2014-03-24 11:46 | wytze | Status | ready to deploy => solved? |
| 2014-03-24 11:46 | wytze | Fixed in Version | => 2014 Q1 |
| 2014-03-24 11:46 | wytze | Resolution | open => fixed |
| 2014-06-29 10:22 | INOPIAE | Status | solved? => closed |
