Uploaded image for project: 'EJBCA'
  1. EJBCA
  2. ECA-8071

Add an option to CMP profiles to deliver all error messages signed

    Details

    • Type: Improvement
    • Status: Open
    • Priority: Minor
    • Resolution: Unresolved
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: None
    • Provenance:
      Ordered by Customer

      Description

      In CMP we currently deliver some error messages (as required by the RFC) as signed, but all others as unsigned as to not tax the HSM or open up for DOS attacks via CMP. 

      A customer has requested for all error messages to be delivered signed instead, so we should add in this option. 

      Don't forget that CMP error states are documented in the documentation, so this should be updated as well. 

        Attachments

          Activity

            People

            Assignee:
            Unassigned
            Reporter:
            mikek Mike Agrenius Kushner
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Dates

              Created:
              Updated:

                Time Tracking

                Estimated:
                Original Estimate - 4 days
                4d
                Remaining:
                Remaining Estimate - 4 days
                4d
                Logged:
                Time Spent - Not Specified
                Not Specified