Failing Subject Verification for Organizationally-Bound Certificates

JoshuaJeong / nhin-d

Automatically exported from code.google.com/p/nhin-d

0 stars 0 forks source link

Failing Subject Verification for Organizationally-Bound Certificates #214

Closed GoogleCodeExporter closed 8 years ago

GoogleCodeExporter commented 8 years ago

Steps to reproduce the problem:

1. NIST Transport Testing Tool: http://transport-testing.nist.gov/ttt/
2. Select "Send a Direct Message"
3. Select signing certificate type of INVALID_CERT

Expected behavior: 

Message should be rejected and no Processed MDNs sent.

I have attached the extracted certificate in the email from the TTT 
INVALID_CERT test.
The sender email in my test was InvalidCert@ttt.transport-testing.org

Original issue reported on code.google.com by joeshook@gmail.com on 24 May 2013 at 5:01

GoogleCodeExporter commented 8 years ago

Attaching certificate print from openssl tool...

Original comment by joeshook@gmail.com on 24 May 2013 at 5:03

Attachments:

InvalidCert.txt

GoogleCodeExporter commented 8 years ago

Code has been committed to fix this.  Not release as of yet.

Original comment by joeshook@gmail.com on 24 May 2013 at 10:56

GoogleCodeExporter commented 8 years ago

[deleted comment]

GoogleCodeExporter commented 8 years ago

The change for this is in changeset 2281.

Now compliant with section 4.1.2 of the Applicability Statement for Secure 
Health Transport v1.1

Original comment by joeshook@gmail.com on 12 Jul 2013 at 3:57