Page MenuHome GnuPG
Create Task
Maniphest T2039

CRL issuingDistributionPoint support
Closed, WontfixPublic
Actions

Description

As in https://lists.gnupg.org/pipermail/gnupg-devel/2007-October/024011.html,
asking for support of issuingDistributionPoint (2.5.29.28) in gnupg/dirmngr's CRL
code.

DigiCert's CRLs have this extension and mark it as critical (although it does not
have much useful information), for example
[http://crl3.digicert.com/TERENAPersonalCA3.crl].

Details

Version
2.1.6

Related Objects

Event Timeline

grawity added a subscriber: grawity.Jul 13 2015, 12:38 PM

655_TERENAPersonalCA3.crl3 KBDownload

grawity added projects: dirmngr, Feature Request.Jul 13 2015, 12:38 PM
grawity set Version to 2.1.6.
werner added a project: gnupg.Jan 22 2016, 1:17 PM
marcus closed this task as Wontfix.Jul 1 2017, 1:52 PM
marcus claimed this task.
marcus added a subscriber: marcus.

Digicert TERENAPersonalCA3 doesn't use issuingDistributionPoint anymore. It's hard to survey CRLs that are actually in use, so I don't know if there are other important users, but the fact that nobody else reported such problems is an indication that it is not widely used among dirmngr users. Supporting this is a lot of work, because it makes validating certificates much more complicated, so this is unlikely to happen without strong motivation, so I am closing this here.

werner mentioned this in T6545: Support CRL extension issuingDistributionPoint.Jun 22 2023, 11:44 AM
werner added a subscriber: werner.Jun 22 2023, 11:46 AM

See for T6545 for a new request to support IDP.