Open rg7663 opened 4 years ago
Any news about this? I too get this error even though it should simply say it is revoked.. this should not raise an AttributeError
.
No, currently I don’t have time for development of this package, and it doesn’t appear anyone has sent a PR with tests.
Weirdly I now see you did fix this in commit 80119e8fa801327a34bdff4f73092f550919d169 (no idea how I missed that, I could swear that wasn't there when I checked..).
@wbond Anyway - do you have plans for publishing a release? We could really use the library as-is, but the latest release is from 2016. Thanks!
@wbond - would you be able to publish a new release?
When performing OCSP revocation checks against https://revoked.badssl.com/ using the function
certvalidator.validate.verify_ocsp_response()
I get the following:It seems that the function assumes that a revocation reason is given, whereas the RFC states (end of https://tools.ietf.org/html/rfc6960#section-4.2.1) that revocation reason is optional (
revocationReason [0] EXPLICIT CRLReason OPTIONAL
), and hencerevocation_info['revocation_reason']
can be an instance of Void. I would therefore suggest thatverify_ocsp_response()
should check whetherrevocation_info['revocation_reason']
is Void first before trying get the human_friendly property, or that Void should have a human_friendly property.