Issue 11220043: code review 11220043: go.crypto/ocsp: pass in the issuing certificate.

Keyboard Shortcuts

	File
u :	up to issue
m :	publish + mail comments
M :	edit review message
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line
<Enter> :	respond to / edit current comment
d :	mark current comment as done

	Issue
u :	up to list of issues
m :	publish + mail comments
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue
# :	close issue

	Comment/message editing
<Ctrl> + s or <Ctrl> + Enter :	save comment
<Esc> :	cancel edit

Issue 11220043: code review 11220043: go.crypto/ocsp: pass in the issuing certificate. (Closed)

Can't Edit
Can't Publish+Mail
Start Review

Created:
10 years, 9 months ago by agl1

Modified:
10 years, 9 months ago

Reviewers:

CC:
golang-dev, dave, Paul van Brouwershaven

Visibility:
Public.

Description

go.crypto/ocsp: pass in the issuing certificate. Paul van Brouwershaven pointed out that it would be better to pass in the issuing certificate and have the verification be done in the OCSP package than to expect the caller to deal with the difference between responses with and without a responder certificate.

Patch Set 1 #

Patch Set 2 : diff -r 81eec9b5ce2d https://code.google.com/p/go.crypto/ #

Patch Set 3 : diff -r 81eec9b5ce2d https://code.google.com/p/go.crypto/ #

Patch Set 4 : diff -r 96563f6f87f6 https://code.google.com/p/go.crypto/ #

Created: 10 years, 9 months ago

Download [raw] [tar.bz2]

		Unified diffs	Side-by-side diffs	Delta from patch set	Stats (+75 lines, -5 lines)			Patch
	M	ocsp/ocsp.go	View	1 2	2 chunks	+14 lines, -3 lines	0 comments	Download
	M	ocsp/ocsp_test.go	View	1	3 chunks	+61 lines, -2 lines	0 comments	Download

Messages

Total messages: 4

Expand All Messages | Collapse All Messages

Paul van Brouwershaven

I tested the OCSP lookup on every certificate in the chain for all major CA ...

10 years, 9 months ago (2013-07-29 15:14:25 UTC) #2

agl1

Hello golang-dev@googlegroups.com, dayveday@gmail.com, paul@vanbrouwershaven.com (cc: golang-dev@googlegroups.com), I'd like you to review this change to https://code.google.com/p/go.crypto/

10 years, 9 months ago (2013-07-29 19:32:18 UTC) #3

agl1

10 years, 9 months ago (2013-07-29 19:32:26 UTC) #4

*** Submitted as
https://code.google.com/p/go/source/detail?r=9c36e9eca3b5&repo=crypto ***

go.crypto/ocsp: pass in the issuing certificate.

Paul van Brouwershaven pointed out that it would be better to pass in
the issuing certificate and have the verification be done in the OCSP
package than to expect the caller to deal with the difference between
responses with and without a responder certificate.

R=golang-dev, dayveday, paul
CC=golang-dev
https://codereview.appspot.com/11220043

Expand All Messages | Collapse All Messages