EDO-26 OCD verifier do not trust CA certificates registered in TSL (if CA certificate path is not in TSL)

Published on: 04/12/2012
Discussion

OCD verifier should trust CA certificate if it is registered in TSL.

We are trying to validate OCD signed with good real life certificate and it fails,
because after verifier successfully finds CA certificate in TSL, it continues to check it's parent certificates
(it should be enough to check CA certificate itself, as CA parent certificates are not registered in real life TSL)

1. OCD tested: ocd-INVALID-PROD-RCSC-alladin-usb.zip
2. log with comments in red: bug5.docx

 

Component

Code

Category

bug
Attachments