Log In
cfu
Christina Fu •
Joined 9 years ago
Overview
Projects
6
Forks
0
Groups
0
Starred
0
Issues
Pull Requests
Issues for
cfu
Open
Closed
All
Issues Created
issues
#1375
TPS rewrite: provide cert/key retention for ExternalReg
6
Opened
9 years ago
by
cfu
. Modified
4 years ago
dogtagpki
10.3.0
blocker
#2389
Installation: subsystem certs could have notAfter beyond CA signing cert in case of external or existing CA
7
Opened
8 years ago
by
cfu
. Modified
4 years ago
dogtagpki
10.3.5
critical
#1412
Should disable the caCrossSignedCACert profile
5
Opened
9 years ago
by
cfu
. Modified
4 years ago
dogtagpki
10.2.5
major
#2271
[TMS] for key archival/recovery, not to record certain data in ldap and logs
5
Opened
8 years ago
by
cfu
. Modified
4 years ago
dogtagpki
10.3.2
major
#3
JSS has wrong encoding for ecdsa with sha* AlgorithmIdentifier
1
Opened
6 years ago
by
cfu
. Modified
6 years ago
jss
4.4.2
#12
org.mozilla.jss.pkix.primitive.AlgorithmIdentifier decode/encode process alters original data
1
Opened
6 years ago
by
cfu
. Modified
6 years ago
jss
#2246
[MAN] Man Page: AuditVerify
2
Opened
8 years ago
by
cfu
. Modified
4 years ago
dogtagpki
10.3.5
major
#1597
KRA: key archival/recovery via cli - should honor encryption/decryption flags
3
Opened
9 years ago
by
cfu
. Modified
4 years ago
dogtagpki
10.2.6
critical
#2481
ECC keys not supported for signing audit logs
7
Opened
8 years ago
by
cfu
. Modified
4 years ago
dogtagpki
10.5.12
blocker
#1648
[RFE] provide separate cipher lists for CS instances acting as client and server
5
Opened
9 years ago
by
cfu
. Modified
4 years ago
dogtagpki
10.3.0
critical
#2428
broken request links for CA's system certs in agent request viewing
2
Opened
8 years ago
by
cfu
. Modified
4 years ago
dogtagpki
10.3.5
major
#1146
Tomcat TPS: missing "keyType" for renewed certs in the cert records
3
Opened
10 years ago
by
cfu
. Modified
4 years ago
dogtagpki
10.2 - 08/14 (August)
major
#1190
CA: issuer DN encoding not preserved at issuance with signing cert signed by an external CA
5
Opened
10 years ago
by
cfu
. Modified
4 years ago
dogtagpki
10.2.1
major
#1174
RFE: support external authorization LDAP server
9
Opened
10 years ago
by
cfu
. Modified
4 years ago
dogtagpki
10.2.2
blocker
#1382
KRA: upgrade script maybe needed for CS.cfg to add new audit events added in ticket 1160
4
Opened
9 years ago
by
cfu
. Modified
4 years ago
dogtagpki
10.2.5
major
#1027
TPS rewrite: provide instruction for Token Profile Resolver Plugin Framework
1
Opened
10 years ago
by
cfu
. Modified
4 years ago
dogtagpki
UNTRIAGED
major
#2298
[non-TMS] for key archival/recovery, not to record certain data in ldap and logs
5
Opened
8 years ago
by
cfu
. Modified
4 years ago
dogtagpki
10.3.3
critical
#1085
Tomcat TPS missing attribute(s) in tokendb token record
5
Opened
10 years ago
by
cfu
. Modified
4 years ago
dogtagpki
10.2 - 08/14 (August)
major
#826
UID in cert subject hard-coded to "admin" when manually configured through configuration wizard UI panels
2
Opened
11 years ago
by
cfu
. Modified
4 years ago
dogtagpki
10.2.3
major
#1198
TLS support: provide proper TLS default values and ciphers in server.xml
8
Opened
10 years ago
by
cfu
. Modified
4 years ago
dogtagpki
10.2.2
major
#888
TPS rewrite: provide remote authority functions
3
Opened
10 years ago
by
cfu
. Modified
4 years ago
dogtagpki
10.2 - 04/14 (April)
major
#978
TPS connector man page: add revocation routing info
3
Opened
10 years ago
by
cfu
. Modified
4 years ago
dogtagpki
10.3.5
major
#1681
pkispawn: External CA option: allow shutdown and restart between phase 1 and 2
4
Opened
9 years ago
by
cfu
. Modified
4 years ago
dogtagpki
10.3.0
critical
#2418
[TPS] Some template substitution didn't happen during installation
4
Opened
8 years ago
by
cfu
. Modified
4 years ago
dogtagpki
10.3.5
major
#1312
tomcatjss: missing ciphers
2
Opened
9 years ago
by
cfu
. Modified
4 years ago
dogtagpki
10.2.3
major
#43
Write design for ECC support in Dogtag
1
Opened
13 years ago
by
cfu
. Modified
4 years ago
dogtagpki
m2
major
#1487
KRA: disable synchronous key recovery
2
Opened
9 years ago
by
cfu
. Modified
4 years ago
dogtagpki
UNTRIAGED
major
#2340
Revocation failure causes AUDIT_PRIVATE_KEY_ARCHIVE_REQUEST
3
Opened
8 years ago
by
cfu
. Modified
4 years ago
dogtagpki
10.3.3
critical
#1206
TLS range support: code change needed for cs when acting as client
8
Opened
10 years ago
by
cfu
. Modified
4 years ago
dogtagpki
10.2.1
major
#2354
[TPS] missing activity log entries via UI and CLI (while correctly recorded in LDAP)
2
Opened
8 years ago
by
cfu
. Modified
4 years ago
dogtagpki
10.3.3
major
#855
imported CA signing cert could cause violation of subject DN encoding rule during system cert generation at installation
3
Opened
11 years ago
by
cfu
. Modified
4 years ago
dogtagpki
N/A
major
#2992
servlet profileSubmitCMCSimple throws NPE
4
Opened
6 years ago
by
cfu
. Modified
4 years ago
dogtagpki
10.5.10
minor
#2877
missing Audit Event system cert keys generation
2
Opened
7 years ago
by
cfu
. Modified
4 years ago
dogtagpki
10.5.4
critical
#5318
tomcatjss build failure on FC19
2
Opened
12 years ago
by
cfu
. Modified
7 years ago
releng
#6011
Request for override tag for tomcatjss-7.1.1-1.fc20 and fc21 in tomcatjss FC20 and FC21 branches
5
Opened
10 years ago
by
cfu
. Modified
7 years ago
releng
Fedora 20 Final
#2878
Missing faillure resumption detection and audit event logging at startup
3
Opened
7 years ago
by
cfu
. Modified
4 years ago
dogtagpki
10.5.5
critical
#2950
Need ECC-specific Enrollment Profiles for standard conformance
4
Opened
6 years ago
by
cfu
. Modified
4 years ago
dogtagpki
10.5.7
critical
#1028
TPS rewrite: provide externalReg functionality
8
Opened
10 years ago
by
cfu
. Modified
4 years ago
dogtagpki
10.2.4
blocker
#304
TMS ECC infrastructure (enrollment with client-side and server-side key generation, and key archival)
17
Opened
12 years ago
by
cfu
. Modified
4 years ago
dogtagpki
ECC Effort
major
#362
RFE: CMC ECC
18
Opened
12 years ago
by
cfu
. Modified
4 years ago
dogtagpki
ECC Effort
major
#767
GenericExtension: allow CA admin to define a list of allowable custom extensions
1
Opened
11 years ago
by
cfu
. Modified
4 years ago
dogtagpki
UNTRIAGED
minor
#394
Feature: Support multiple Subject Key Identifier generation methods
1
Opened
12 years ago
by
cfu
. Modified
4 years ago
dogtagpki
UNTRIAGED
major
#396
Federal Bridge CA (FBCA) feature support outdated and no longer working
1
Opened
12 years ago
by
cfu
. Modified
4 years ago
dogtagpki
UNTRIAGED
major
#492
find out why EC and RSA public keys require different encoding from DRM to TPS
1
Opened
12 years ago
by
cfu
. Modified
4 years ago
dogtagpki
UNTRIAGED
major
#577
Investigation for replacing crypto.generateCRMFRequest() with new <keygen> tag
3
Opened
11 years ago
by
cfu
. Modified
4 years ago
dogtagpki
10.2 - 04/14 (April)
major
#1593
[RFE] HSM failover support
3
Opened
9 years ago
by
cfu
. Modified
4 years ago
dogtagpki
10.2.6
blocker
#683
Investigation for Logging system/messages in #673
4
Opened
11 years ago
by
cfu
. Modified
4 years ago
dogtagpki
UNTRIAGED
major
#902
Login & logout link/page for CA, KRA, OCSP, TKS
3
Opened
10 years ago
by
cfu
. Modified
4 years ago
dogtagpki
UNTRIAGED
major
#841
add support for SUITE B (Encryption)
4
Opened
11 years ago
by
cfu
. Modified
4 years ago
dogtagpki
FUTURE
blocker
#673
Better (for debugging) log messages or logging system
2
Opened
11 years ago
by
cfu
. Modified
4 years ago
dogtagpki
UNTRIAGED
major
#810
Add syntax checking for general names
2
Opened
11 years ago
by
cfu
. Modified
4 years ago
dogtagpki
UNTRIAGED
major
#890
TPS rewrite: connector configuration during installation
11
Opened
10 years ago
by
cfu
. Modified
4 years ago
dogtagpki
10.2 - 04/14 (April)
major
#867
Need to support TPS as a separate tomcat instance
12
Opened
10 years ago
by
cfu
. Modified
4 years ago
dogtagpki
10.2.5
major
#831
tpaclient with EC key generation causes verifyProof() to fail on server side (TPS)
1
Opened
11 years ago
by
cfu
. Modified
4 years ago
dogtagpki
UNTRIAGED
major
#858
conformance to RFC5280 re emailAddress attribute in DN v.s. subjectAlternativeName extension
1
Opened
11 years ago
by
cfu
. Modified
4 years ago
dogtagpki
UNTRIAGED
major
#859
support for issuing certs with individually encoded DN attributes
1
Opened
11 years ago
by
cfu
. Modified
4 years ago
dogtagpki
UNTRIAGED
major
#862
TPS rewrite: provide connector service for JAVA-based TPS subsystem
4
Opened
11 years ago
by
cfu
. Modified
4 years ago
dogtagpki
10.2 - 03/14 (March)
major
#892
Need better error handling for HttpConnection send()
1
Opened
10 years ago
by
cfu
. Modified
4 years ago
dogtagpki
UNTRIAGED
major
#893
subsystems (ca, kra, tks, tps) mixed-up their subsystem certs when sharing same Tomcat instance
6
Opened
10 years ago
by
cfu
. Modified
4 years ago
dogtagpki
10.2 - 03/14 (March)
major
#943
tomcatjss missing strictCiphers implementation
2
Opened
10 years ago
by
cfu
. Modified
4 years ago
dogtagpki
N/A
major
#997
Provide clear TPS User Authentication Plugin instruction
2
Opened
10 years ago
by
cfu
. Modified
4 years ago
dogtagpki
UNTRIAGED
major
#941
TPS Rewrite: Enrollment, Recovery, KeyRecovery, revoke/unrevoke processor
7
Opened
10 years ago
by
cfu
. Modified
4 years ago
dogtagpki
10.2 - 08/14 (August)
critical
#1031
TPS rewrite: add auditing to appropriate places
2
Opened
10 years ago
by
cfu
. Modified
4 years ago
dogtagpki
10.2.1
major
#1158
CMCRequest does not support internal token
2
Opened
10 years ago
by
cfu
. Modified
4 years ago
dogtagpki
10.2.1
major
#1175
RFE: allow merging of user-supplied SubjectAlterNameExtension with default ones
3
Opened
10 years ago
by
cfu
. Modified
4 years ago
dogtagpki
UNTRIAGED
major
#1145
Tomcat TPS: Polish cert record removal when token is removed
3
Opened
10 years ago
by
cfu
. Modified
4 years ago
dogtagpki
UNTRIAGED
major
#1178
Enrollment profiles standards/practice conformance
2
Opened
10 years ago
by
cfu
. Modified
4 years ago
dogtagpki
UNTRIAGED
major
#1074
CLI for CRMF
4
Opened
10 years ago
by
cfu
. Modified
4 years ago
dogtagpki
10.2.2
major
#1067
RFE: Shared CA Enrollment Profiles
3
Opened
10 years ago
by
cfu
. Modified
4 years ago
dogtagpki
UNTRIAGED
major
#1180
RFE: show link to request record from cert display
4
Opened
10 years ago
by
cfu
. Modified
4 years ago
dogtagpki
10.2.1
major
#1173
Directory-based renewal evaluator fails authorization
4
Opened
10 years ago
by
cfu
. Modified
4 years ago
dogtagpki
10.2.1
major
#1370
pkispawn: installation with HSM from external CA should hold off prepending token name in serverCertNick.conf till phase 2
2
Opened
9 years ago
by
cfu
. Modified
4 years ago
dogtagpki
10.2.4
critical
#1371
pkispawn: need to disable backup_keys when using an HSM (and provide recommendation); allow clones to share keys
4
Opened
9 years ago
by
cfu
. Modified
4 years ago
dogtagpki
10.2.4
critical
#1393
Independent Tomcat subsystems (except for CA) issue
2
Opened
9 years ago
by
cfu
. Modified
4 years ago
dogtagpki
10.2.4
major
#1447
pkispawn: findCertByNickname fails to find cert in creating shared tomcat subsystems on HSM
2
Opened
9 years ago
by
cfu
. Modified
4 years ago
dogtagpki
10.2.6
critical
#1372
installation: creating an independent kra to a subordinate ca failed
8
Opened
9 years ago
by
cfu
. Modified
4 years ago
dogtagpki
10.2.5
critical
#1524
pkispawn: certutil options incorrect for creating ecc admin certificate
3
Opened
9 years ago
by
cfu
. Modified
4 years ago
dogtagpki
10.2.6
major
#1576
subsystem -> subsystem SSL handshake issue with TLS_ECDHE_RSA_* on Thales HSM
8
Opened
9 years ago
by
cfu
. Modified
4 years ago
dogtagpki
10.5.8
critical
#1491
[RFE] provide server-side key generation and archival for user encryption certificates
3
Opened
9 years ago
by
cfu
. Modified
4 years ago
dogtagpki
UNTRIAGED
major
#1483
[WIKI]: Installation/configuration limited to non-root users for auditing purposes
4
Opened
9 years ago
by
cfu
. Modified
4 years ago
dogtagpki
1.0 TASKS
major
#1444
pkispawn: installation aborts when HSM contains empty slots
2
Opened
9 years ago
by
cfu
. Modified
4 years ago
dogtagpki
10.2.6
major
#1561
Remove temporary RSA ciphers after ECC instance installation/configuration
1
Opened
9 years ago
by
cfu
. Modified
4 years ago
dogtagpki
UNTRIAGED
major
#1644
Installation: allow customization of cipher list before actual installation
6
Opened
9 years ago
by
cfu
. Modified
4 years ago
dogtagpki
10.3.1
minor
#2792
KRA incorrect failed reason in log; lacking fail reason in audit log
3
Opened
7 years ago
by
cfu
. Modified
4 years ago
dogtagpki
10.5.1
critical
#2229
RFE: stand-alone thin EE clients for various platforms
3
Opened
8 years ago
by
cfu
. Modified
4 years ago
dogtagpki
UNTRIAGED
major
#2360
[TPS] externalReg: extra keytype needed in TPS profile for recovering certs
6
Opened
8 years ago
by
cfu
. Modified
4 years ago
dogtagpki
UNTRIAGED
major
#2880
Need to record CMC requests and responses
3
Opened
7 years ago
by
cfu
. Modified
4 years ago
dogtagpki
10.5.5
critical
#2303
Key archival fails when KRA is configured with lunasa.
2
Opened
8 years ago
by
cfu
. Modified
4 years ago
dogtagpki
10.3.1
major
#2352
[TMS] missing KRA agent option for netkeyKeyRecovery requests in "List Request"
2
Opened
8 years ago
by
cfu
. Modified
4 years ago
dogtagpki
10.3.2
minor
#2446
pkispawn: make subject_dn defaults unique per instance name (for shared HSM)
5
Opened
8 years ago
by
cfu
. Modified
4 years ago
dogtagpki
10.3.6
major
#2561
Audit Log Signature verification sometimes fails on last entries of previous rotated log file
5
Opened
8 years ago
by
cfu
. Modified
4 years ago
dogtagpki
10.5.0
critical
#3037
Need proper default subjectDN for CMC request authenticated through SharedToken
2
Opened
6 years ago
by
cfu
. Modified
4 years ago
dogtagpki
10.5.10
#3018
CMC profiles: Some CMC profiles have wrong input class_id
5
Opened
6 years ago
by
cfu
. Modified
4 years ago
dogtagpki
10.5.8
critical
#2879
missing audit event for CS acting as TLS client
3
Opened
7 years ago
by
cfu
. Modified
4 years ago
dogtagpki
10.5.13
critical
#2951
pkispawn: need to distinguish RSA profiles from ECC profiles
2
Opened
6 years ago
by
cfu
. Modified
4 years ago
dogtagpki
10.5.7
#2926
Obsolete url being referenced from man pages
2
Opened
7 years ago
by
cfu
. Modified
4 years ago
dogtagpki
0.0 NEEDS_TRIAGE
#3033
CRMFPopClient tool - should allow option to do no key archival
3
Opened
6 years ago
by
cfu
. Modified
4 years ago
dogtagpki
10.5
blocker
Assigned Issues
issues
#1375
TPS rewrite: provide cert/key retention for ExternalReg
6
Opened
9 years ago
by
cfu
. Modified
4 years ago
dogtagpki
10.3.0
blocker
#1006
Audit logging for TPS REST operations
10
Opened
10 years ago
by
edewata
. Modified
4 years ago
dogtagpki
10.3.0.b1
major
#2335
Missing activity logs when formatting/enrolling unknown token
4
Opened
8 years ago
by
edewata
. Modified
4 years ago
dogtagpki
10.3.2
major
#1160
audit logging needed: REST API auth/authz; kra for getKeyInfo
8
Opened
10 years ago
by
vakwetu
. Modified
4 years ago
dogtagpki
10.2.4
critical
#1514
TPS: Recovered certs on a token has status expired
4
Opened
9 years ago
by
rpattath
. Modified
4 years ago
dogtagpki
10.3.0
major
#2389
Installation: subsystem certs could have notAfter beyond CA signing cert in case of external or existing CA
7
Opened
8 years ago
by
cfu
. Modified
4 years ago
dogtagpki
10.3.5
critical
#2271
[TMS] for key archival/recovery, not to record certain data in ldap and logs
5
Opened
8 years ago
by
cfu
. Modified
4 years ago
dogtagpki
10.3.2
major
#3
JSS has wrong encoding for ecdsa with sha* AlgorithmIdentifier
1
Opened
6 years ago
by
cfu
. Modified
6 years ago
jss
4.4.2
#12
org.mozilla.jss.pkix.primitive.AlgorithmIdentifier decode/encode process alters original data
1
Opened
6 years ago
by
cfu
. Modified
6 years ago
jss
#1306
[RFE] Add granularity to token termination in TPS
4
Opened
9 years ago
by
mharmsen
. Modified
4 years ago
dogtagpki
10.3.4
major
#2246
[MAN] Man Page: AuditVerify
2
Opened
8 years ago
by
cfu
. Modified
4 years ago
dogtagpki
10.3.5
major
#866
pki-common key fixes (patch-integration)
9
Opened
10 years ago
by
klamb
. Modified
4 years ago
dogtagpki
10.2.1
major
#1295
CA: OCSP via GET does not work
6
Opened
9 years ago
by
edewata
. Modified
4 years ago
dogtagpki
10.2.4
critical
#2481
ECC keys not supported for signing audit logs
7
Opened
8 years ago
by
cfu
. Modified
4 years ago
dogtagpki
10.5.12
blocker
#1648
[RFE] provide separate cipher lists for CS instances acting as client and server
5
Opened
9 years ago
by
cfu
. Modified
4 years ago
dogtagpki
10.3.0
critical
#2428
broken request links for CA's system certs in agent request viewing
2
Opened
8 years ago
by
cfu
. Modified
4 years ago
dogtagpki
10.3.5
major
#1219
CA fails to issue ECC based SCEP certificate
5
Opened
10 years ago
by
alsifius
. Modified
4 years ago
dogtagpki
10.2.2
blocker
#1190
CA: issuer DN encoding not preserved at issuance with signing cert signed by an external CA
5
Opened
10 years ago
by
cfu
. Modified
4 years ago
dogtagpki
10.2.1
major
#882
TPs Rewrite: Handle Token DB Update
7
Opened
10 years ago
by
jmagne
. Modified
4 years ago
dogtagpki
10.2 - 08/14 (August)
major
#1316
Allow adding SAN to server cert during the install process
12
Opened
9 years ago
by
dminnich
. Modified
4 years ago
dogtagpki
10.2.3
critical
#1027
TPS rewrite: provide instruction for Token Profile Resolver Plugin Framework
1
Opened
10 years ago
by
cfu
. Modified
4 years ago
dogtagpki
UNTRIAGED
major
#2298
[non-TMS] for key archival/recovery, not to record certain data in ldap and logs
5
Opened
8 years ago
by
cfu
. Modified
4 years ago
dogtagpki
10.3.3
critical
#1508
Missing token prefix for connectors in TPS Installation with HSM
6
Opened
9 years ago
by
rpattath
. Modified
4 years ago
dogtagpki
10.3.1
major
#879
TPS Rewrite: Implement User Authentication
2
Opened
10 years ago
by
jmagne
. Modified
4 years ago
dogtagpki
10.2 - 05/14 (May)
major
#823
After recovery of Encryption Cert of Temp Lost token using delegateISEtoken, Changing status to from Temp Lost to found doesn't unrevoke the Encryption Cert.
7
Opened
11 years ago
by
nkinder
. Modified
4 years ago
dogtagpki
10.2.5
major
#237
Add ECC support for tpsclient
13
Opened
12 years ago
by
nkinder
. Modified
4 years ago
dogtagpki
ECC Effort
major
#1198
TLS support: provide proper TLS default values and ciphers in server.xml
8
Opened
10 years ago
by
cfu
. Modified
4 years ago
dogtagpki
10.2.2
major
#1543
CA Console: edit/view of authentication instance of portalEnrollment type does not load any value that were set during creation
3
Opened
9 years ago
by
rpattath
. Modified
4 years ago
dogtagpki
10.2.6
major
#888
TPS rewrite: provide remote authority functions
3
Opened
10 years ago
by
cfu
. Modified
4 years ago
dogtagpki
10.2 - 04/14 (April)
major
#978
TPS connector man page: add revocation routing info
3
Opened
10 years ago
by
cfu
. Modified
4 years ago
dogtagpki
10.3.5
major
#1458
Unable to enroll cert using caECDirUserCert profile
2
Opened
9 years ago
by
mrniranjan
. Modified
4 years ago
dogtagpki
10.2.6
major
#1539
Unable to create ECC KRA Instance when kra admin key type is ECC
3
Opened
9 years ago
by
mrniranjan
. Modified
4 years ago
dogtagpki
10.2.6
major
#2617
Allow CA to process pre-signed CMC non-signing certificate requests
5
Opened
7 years ago
by
mharmsen
. Modified
4 years ago
dogtagpki
10.4.9
blocker
#1459
Dogtag clients cannot connect when CS is configured with ECC
4
Opened
9 years ago
by
mrniranjan
. Modified
4 years ago
dogtagpki
10.2.6
minor
#1438
pkispawn: SSL_ForceHandshake issue for non-CA on HSM on both shared and nonshared tomcat instances
6
Opened
9 years ago
by
mharmsen
. Modified
4 years ago
dogtagpki
10.2.6
critical
#2496
Cert/Key recovery is successful when the cert serial number and key id on the ldap user mismatches
5
Opened
8 years ago
by
rpattath
. Modified
4 years ago
dogtagpki
10.3.7
major
#2217
Invalid signature in TPS audit log
4
Opened
8 years ago
by
edewata
. Modified
4 years ago
dogtagpki
10.3.0.b1
major
#43
Write design for ECC support in Dogtag
1
Opened
13 years ago
by
cfu
. Modified
4 years ago
dogtagpki
m2
major
#575
[RFE] TPS Recovery Enhancement - Framework & Prototype
7
Opened
11 years ago
by
nkinder
. Modified
4 years ago
dogtagpki
10.1 - 08/13 (August)
critical
#1309
Recovering of a revoked cert erroneously reflects "active" in the token db cert entry
10
Opened
9 years ago
by
mharmsen
. Modified
4 years ago
dogtagpki
10.4.0
critical
#1206
TLS range support: code change needed for cs when acting as client
8
Opened
10 years ago
by
cfu
. Modified
4 years ago
dogtagpki
10.2.1
major
#1410
Issue with Generic Extension being critical
2
Opened
9 years ago
by
mharmsen
. Modified
4 years ago
dogtagpki
10.2.5
critical
#2788
Missing CN in user signing cert would cause error in cmc user-signed
2
Opened
7 years ago
by
mharmsen
. Modified
4 years ago
dogtagpki
10.4.10
critical
#447
RFE: Mapping tokens to tokentype
5
Opened
12 years ago
by
nkinder
. Modified
4 years ago
dogtagpki
10.2 Backlog
critical
#1963
CRL generation enters loop when CA loses connection to netHSM.
3
Opened
9 years ago
by
dsirrine
. Modified
4 years ago
dogtagpki
10.3.0.a1
major
#252
TMS - ECC Key Recovery
2
Opened
12 years ago
by
nkinder
. Modified
4 years ago
dogtagpki
ECC Effort
major
#1308
[RFE] Provide ability to perform off-card key generation for non-encryption token keys
4
Opened
9 years ago
by
mharmsen
. Modified
4 years ago
dogtagpki
10.3.4
major
#2742
CMC: CMC request are available on the CA Agent page even after Rejected status in Audit logs
2
Opened
7 years ago
by
mharmsen
. Modified
4 years ago
dogtagpki
10.5.0
critical
#2992
servlet profileSubmitCMCSimple throws NPE
4
Opened
6 years ago
by
cfu
. Modified
4 years ago
dogtagpki
10.5.10
minor
#2921
CMC: Revocation works with an unknown revRequest.issuer
3
Opened
7 years ago
by
mharmsen
. Modified
4 years ago
dogtagpki
10.5.5
critical
#2950
Need ECC-specific Enrollment Profiles for standard conformance
4
Opened
6 years ago
by
cfu
. Modified
4 years ago
dogtagpki
10.5.7
critical
#4
Add support for TLS_*_SHA384 ciphers
1
Opened
6 years ago
by
mharmsen
. Modified
6 years ago
jss
#240
Dogtag 10: Create "official" Fedora 18 tomcatjss 7.0 package
3
Opened
12 years ago
by
mharmsen
. Modified
4 years ago
dogtagpki
Dogtag 10.0 Alpha
major
#1028
TPS rewrite: provide externalReg functionality
8
Opened
10 years ago
by
cfu
. Modified
4 years ago
dogtagpki
10.2.4
blocker
#2865
X500Name.directoryStringEncodingOrder overridden by CSR encoding
5
Opened
7 years ago
by
mharmsen
. Modified
4 years ago
dogtagpki
10.5.13
critical
#239
TKS: with server side key gen turned on, TKS fails on key wrapping with ECC cert
2
Opened
12 years ago
by
nkinder
. Modified
4 years ago
dogtagpki
ECC Effort
major
#304
TMS ECC infrastructure (enrollment with client-side and server-side key generation, and key archival)
17
Opened
12 years ago
by
cfu
. Modified
4 years ago
dogtagpki
ECC Effort
major
#128
RFE: TKS should support multiple DRM transport keys
2
Opened
12 years ago
by
nkinder
. Modified
4 years ago
dogtagpki
FUTURE
critical
#242
DRM - during key recovery, verifyKeyPair() only works for RSA keys when they are bytes in memory
1
Opened
12 years ago
by
nkinder
. Modified
4 years ago
dogtagpki
UNTRIAGED
major
#288
Unable to build JSS on F17
2
Opened
12 years ago
by
edewata
. Modified
4 years ago
dogtagpki
N/A
major
#238
TPS installation wizard: SizePanel needs to support ECC curve selection
5
Opened
12 years ago
by
nkinder
. Modified
4 years ago
dogtagpki
ECC Effort
major
#17
Update JSS 4.2.6 --> JSS 4.3.0
3
Opened
13 years ago
by
mharmsen
. Modified
4 years ago
dogtagpki
10.4.0
critical
#243
KRA agent owning ECC certificate cannot access KRA's agent interface
3
Opened
12 years ago
by
nkinder
. Modified
4 years ago
dogtagpki
ECC Effort
major
#241
TPS ECC: when TPS server acts as an ECC SSL client to CA, TKS, or DRM, it needs to support ECC ciphers and proper public key encoding
7
Opened
12 years ago
by
nkinder
. Modified
4 years ago
dogtagpki
ECC Effort
major
#355
RFE: Add support for DSA2
4
Opened
12 years ago
by
nkinder
. Modified
4 years ago
dogtagpki
10.6
major
#449
rhcs81 - UTF-8 support and X500Name pattern matching for Subject Name Constraints - Request Rejected - Subject Name Not Matched UID=???????,CN=???????
5
Opened
12 years ago
by
nkinder
. Modified
4 years ago
dogtagpki
UNTRIAGED
major
#627
Add SCEP support for GetCACaps
10
Opened
11 years ago
by
awnuk
. Modified
4 years ago
dogtagpki
10.6
major
#362
RFE: CMC ECC
18
Opened
12 years ago
by
cfu
. Modified
4 years ago
dogtagpki
ECC Effort
major
#443
SCEP: Invalid OID in CertRep signerInfo when using SHA-2
3
Opened
12 years ago
by
nkinder
. Modified
4 years ago
dogtagpki
10.2.3
major
#450
CS 8.1 does not honor existing Subject Key Identifier
5
Opened
12 years ago
by
nkinder
. Modified
4 years ago
dogtagpki
UNTRIAGED
major
#506
SubjectAltNameExtDefault: createExtension gname with escaped chars exception - Unknown AVA keyword 'CN\'
4
Opened
12 years ago
by
nkinder
. Modified
4 years ago
dogtagpki
UNTRIAGED
major
#492
find out why EC and RSA public keys require different encoding from DRM to TPS
1
Opened
12 years ago
by
cfu
. Modified
4 years ago
dogtagpki
UNTRIAGED
major
#609
Dogtag 10: JSSSocketFactory init - Null pointer exception thrown
5
Opened
11 years ago
by
mharmsen
. Modified
4 years ago
dogtagpki
10.2.1
major
#698
Remove cryptographic implementations from Dogtag code base
7
Opened
11 years ago
by
mharmsen
. Modified
4 years ago
dogtagpki
10.6
major
#1593
[RFE] HSM failover support
3
Opened
9 years ago
by
cfu
. Modified
4 years ago
dogtagpki
10.2.6
blocker
#2605
CMC feature support: provided issuance protection cert mechanism
3
Opened
7 years ago
by
mharmsen
. Modified
4 years ago
dogtagpki
10.4.1
critical
#533
Add DSA2 support to JSS
2
Opened
11 years ago
by
nkinder
. Modified
4 years ago
dogtagpki
UNTRIAGED
major
#880
TPS Rewrite: Token Key Recovery
4
Opened
10 years ago
by
jmagne
. Modified
4 years ago
dogtagpki
10.2.1
major
#841
add support for SUITE B (Encryption)
4
Opened
11 years ago
by
cfu
. Modified
4 years ago
dogtagpki
FUTURE
blocker
#824
Encryption Profile used by delegateISEtoken should be changed from caTokenUserAuthenticationKeyEnrollment to caTokenUserDelegateAuthKeyEnrollment
6
Opened
11 years ago
by
nkinder
. Modified
4 years ago
dogtagpki
10.1.2
major
#864
NIST SP800-108 KDF (patch-integration)
18
Opened
10 years ago
by
klamb
. Modified
4 years ago
dogtagpki
10.2.1
major
#700
Disable all DES-based ciphers
9
Opened
11 years ago
by
mharmsen
. Modified
4 years ago
dogtagpki
10.6
major
#822
rhcs81 caManualRenewal with original profile modified for empty params.name creates root CA subject DN
4
Opened
11 years ago
by
nkinder
. Modified
4 years ago
dogtagpki
10.2.2
major
#758
allow shared secret to be imported into tps certdb
5
Opened
11 years ago
by
vakwetu
. Modified
4 years ago
dogtagpki
UNTRIAGED
major
#867
Need to support TPS as a separate tomcat instance
12
Opened
10 years ago
by
cfu
. Modified
4 years ago
dogtagpki
10.2.5
major
#862
TPS rewrite: provide connector service for JAVA-based TPS subsystem
4
Opened
11 years ago
by
cfu
. Modified
4 years ago
dogtagpki
10.2 - 03/14 (March)
major
#1007
Additional TPS audit events
11
Opened
10 years ago
by
edewata
. Modified
4 years ago
dogtagpki
10.3.0
major
#1002
[WIKI] TPS authenticators
6
Opened
10 years ago
by
edewata
. Modified
4 years ago
dogtagpki
1.0 TASKS
major
#884
TPS Rewrite: Audit and other Logging
4
Opened
10 years ago
by
jmagne
. Modified
4 years ago
dogtagpki
10.2 - 04/14 (April)
major
#941
TPS Rewrite: Enrollment, Recovery, KeyRecovery, revoke/unrevoke processor
7
Opened
10 years ago
by
cfu
. Modified
4 years ago
dogtagpki
10.2 - 08/14 (August)
critical
#1158
CMCRequest does not support internal token
2
Opened
10 years ago
by
cfu
. Modified
4 years ago
dogtagpki
10.2.1
major
#1110
pkispawn (configuration) does not provide CA extensions in subordinate certificate signing requests (CSR)
4
Opened
10 years ago
by
mharmsen
. Modified
4 years ago
dogtagpki
10.2.1
major
#1032
Possible issue in MappingTokenProfileResolver.
4
Opened
10 years ago
by
edewata
. Modified
4 years ago
dogtagpki
UNTRIAGED
major
#1180
RFE: show link to request record from cert display
4
Opened
10 years ago
by
cfu
. Modified
4 years ago
dogtagpki
10.2.1
major
#1173
Directory-based renewal evaluator fails authorization
4
Opened
10 years ago
by
cfu
. Modified
4 years ago
dogtagpki
10.2.1
major
#1300
SCEP enrollment not picking up the given signing algorithm
4
Opened
9 years ago
by
mharmsen
. Modified
4 years ago
dogtagpki
10.6
major
#1240
Investigate PKCS12Export
5
Opened
10 years ago
by
edewata
. Modified
4 years ago
dogtagpki
FUTURE
major
#1299
GetCACert can't return both an RA and a CA certificate
3
Opened
9 years ago
by
mharmsen
. Modified
4 years ago
dogtagpki
10.6
major
#2718
Selecting algorithms in ECC
4
Opened
7 years ago
by
mharmsen
. Modified
4 years ago
dogtagpki
FUTURE
critical
#1307
[RFE] Support multiple keySets for different cards for ExternalReg
10
Opened
9 years ago
by
mharmsen
. Modified
4 years ago
dogtagpki
10.3.0
critical
#1339
doRevoke error string doesn't clear after failure.
2
Opened
9 years ago
by
mharmsen
. Modified
4 years ago
dogtagpki
10.2.3
critical
#1447
pkispawn: findCertByNickname fails to find cert in creating shared tomcat subsystems on HSM
2
Opened
9 years ago
by
cfu
. Modified
4 years ago
dogtagpki
10.2.6
critical
#1527
TPS Enrollment always goes to "ca1"
5
Opened
9 years ago
by
rpattath
. Modified
4 years ago
dogtagpki
10.3.7
blocker
#1576
subsystem -> subsystem SSL handshake issue with TLS_ECDHE_RSA_* on Thales HSM
8
Opened
9 years ago
by
cfu
. Modified
4 years ago
dogtagpki
10.5.8
critical
#1566
non-CA subystem installations failing while trying to join security domain
3
Opened
9 years ago
by
rpattath
. Modified
4 years ago
dogtagpki
10.2.6
major
#1660
Auto generate encryption key for group tokens
5
Opened
9 years ago
by
dsirrine
. Modified
4 years ago
dogtagpki
10.6
major
#1519
TPS UI lists the certs on the token when the token is in uninitialized state
4
Opened
9 years ago
by
rpattath
. Modified
4 years ago
dogtagpki
10.3.0.a2
major
#1587
External Registration Recovery only works for 1024 sized keys out of the box
4
Opened
9 years ago
by
rpattath
. Modified
4 years ago
dogtagpki
10.3.0
major
#1531
Directory auth plugin requires LDAP anonymous binds
4
Opened
9 years ago
by
bja
. Modified
4 years ago
dogtagpki
10.2.6
blocker
#1559
Job notification email is not send when caDirUserCert certificate is issued
4
Opened
9 years ago
by
rpattath
. Modified
4 years ago
dogtagpki
10.5.0
major
#1659
[RFE] Add granularity to TPS for granular certificate management on token
4
Opened
9 years ago
by
dsirrine
. Modified
4 years ago
dogtagpki
FUTURE
major
#1665
Certificate Revocation Reasons not being updated in some cases
7
Opened
9 years ago
by
ddas
. Modified
4 years ago
dogtagpki
10.5.0
major
#2613
CMC: id-cmc-identityProofV2 feature implementation
2
Opened
7 years ago
by
mharmsen
. Modified
4 years ago
dogtagpki
10.4.1
critical
#1635
RFE: Improvements to RenewalNotificationJob
9
Opened
9 years ago
by
bja
. Modified
4 years ago
dogtagpki
FUTURE
major
#2282
The TPS does not properly communicate symmetricKeys.requiredVersion to the TKS
2
Opened
8 years ago
by
dsirrine
. Modified
4 years ago
dogtagpki
10.3.1
major
#1741
ECDSA Certificates Generated by Certificate System fail NIST validation test with parameter field.
10
Opened
9 years ago
by
dsirrine
. Modified
4 years ago
dogtagpki
10.5.8
critical
#2126
Different status shown on TPSUI and cli for certificate
4
Opened
8 years ago
by
gkapoor
. Modified
4 years ago
dogtagpki
10.3.0.b1
major
#2284
CMC CRMF parsing incorrect
5
Opened
8 years ago
by
roysjosh@gmail.com
. Modified
4 years ago
dogtagpki
10.5
critical
#2229
RFE: stand-alone thin EE clients for various platforms
3
Opened
8 years ago
by
cfu
. Modified
4 years ago
dogtagpki
UNTRIAGED
major
#2360
[TPS] externalReg: extra keytype needed in TPS profile for recovering certs
6
Opened
8 years ago
by
cfu
. Modified
4 years ago
dogtagpki
UNTRIAGED
major
#2241
RFE: stand-alone thin EE clients for various devices
3
Opened
8 years ago
by
mharmsen
. Modified
4 years ago
dogtagpki
UNTRIAGED
major
#2880
Need to record CMC requests and responses
3
Opened
7 years ago
by
cfu
. Modified
4 years ago
dogtagpki
10.5.5
critical
#2618
Allow CA to process pre-signed CMC renewal non-signing cert requests
6
Opened
7 years ago
by
mharmsen
. Modified
4 years ago
dogtagpki
10.4.9
critical
#2303
Key archival fails when KRA is configured with lunasa.
2
Opened
8 years ago
by
cfu
. Modified
4 years ago
dogtagpki
10.3.1
major
#2346
java.security.NoSuchAlgorithmException: no such algorithm: OID.1.2.840.113549.1.1.12 for provider Mozilla-JSS when signing a CSR using SHA384withRSA
4
Opened
8 years ago
by
dminnich
. Modified
4 years ago
dogtagpki
10.3.3
minor
#2352
[TMS] missing KRA agent option for netkeyKeyRecovery requests in "List Request"
2
Opened
8 years ago
by
cfu
. Modified
4 years ago
dogtagpki
10.3.2
minor
#2446
pkispawn: make subject_dn defaults unique per instance name (for shared HSM)
5
Opened
8 years ago
by
cfu
. Modified
4 years ago
dogtagpki
10.3.6
major
#2534
Automatic recovery of encryption cert - CA and TPS tokendb shows different certificate status
6
Opened
8 years ago
by
rpattath
. Modified
4 years ago
dogtagpki
10.3.10
major
#2498
Token format with external reg fails when op.format.externalRegAddToToken.revokeCert=true
4
Opened
8 years ago
by
rpattath
. Modified
4 years ago
dogtagpki
10.3.8
major
#2616
CMC: replace id-cmc-statusInfo with id-cmc-statusInfoV2
2
Opened
7 years ago
by
mharmsen
. Modified
4 years ago
dogtagpki
10.4.9
critical
#3037
Need proper default subjectDN for CMC request authenticated through SharedToken
2
Opened
6 years ago
by
cfu
. Modified
4 years ago
dogtagpki
10.5.10
#2604
RFE: shared token storage and retrieval mechanism
5
Opened
7 years ago
by
mharmsen
. Modified
4 years ago
dogtagpki
10.5.4
blocker
#3018
CMC profiles: Some CMC profiles have wrong input class_id
5
Opened
6 years ago
by
cfu
. Modified
4 years ago
dogtagpki
10.5.8
critical
#2673
allow enrollment key signed CMC with identity proof
2
Opened
7 years ago
by
mharmsen
. Modified
4 years ago
dogtagpki
10.4.5
critical
#2615
CMC: provide Proof of Possession for encryption cert requests
3
Opened
7 years ago
by
mharmsen
. Modified
4 years ago
dogtagpki
10.4.1
critical
#2614
CMC: id-cmc-popLinkWitnessV2 feature implementation
2
Opened
7 years ago
by
mharmsen
. Modified
4 years ago
dogtagpki
10.4.2
critical
#2619
Allow CA to process pre-signed CMC revocation non-signing cert requests
2
Opened
7 years ago
by
mharmsen
. Modified
4 years ago
dogtagpki
10.4.8
blocker
#2675
CMC: cmc.popLinkWitnessRequired=false would cause error
6
Opened
7 years ago
by
mharmsen
. Modified
4 years ago
dogtagpki
10.4.9
blocker
#2772
TPS incorrectly assigns "tokenOrigin" and "tokenType" certificate attribute for recovered certificates.
4
Opened
7 years ago
by
mharmsen
. Modified
4 years ago
dogtagpki
10.4.10
critical
#2631
externalRegRecover does not support multiple KRA instances
3
Opened
7 years ago
by
mharmsen
. Modified
4 years ago
dogtagpki
10.5.0
blocker
#2697
Certificate status mismatch on CA and TPS token db
2
Opened
7 years ago
by
mharmsen
. Modified
4 years ago
dogtagpki
10.6
major
#2737
CMC: check HTTPS client authentication cert against CMC signer
2
Opened
7 years ago
by
mharmsen
. Modified
4 years ago
dogtagpki
10.4.9
critical
#2861
ExternalCA: Failures in ExternalCA when tried to setup with CMC signed certificates
2
Opened
7 years ago
by
mharmsen
. Modified
4 years ago
dogtagpki
10.5.3
critical
#2920
CMC: Audit Events needed for failures in SharedToken scenarios
7
Opened
7 years ago
by
mharmsen
. Modified
4 years ago
dogtagpki
10.5.10
critical
#2757
need CMC enrollment profiles for system certificates
2
Opened
7 years ago
by
mharmsen
. Modified
4 years ago
dogtagpki
10.4.9
critical
#2779
cmc plugin default change
2
Opened
7 years ago
by
mharmsen
. Modified
4 years ago
dogtagpki
10.4.8
critical
#2949
CMCAuth throws org.mozilla.jss.crypto.TokenException: Unable to insert certificate into temporary database
4
Opened
6 years ago
by
mharmsen
. Modified
4 years ago
dogtagpki
10.5.7
critical
#3032
Enabling Signed Audit logging fails when subsystem is installed with ECC
2
Opened
6 years ago
by
mharmsen
. Modified
4 years ago
dogtagpki
10.5.9
blocker
#2940
[MAN] Missing Man pages for tools CMCRequest, CMCResponse, CMCSharedToken
6
Opened
7 years ago
by
mharmsen
. Modified
4 years ago
dogtagpki
10.5.8
critical
#2960
Permit certain SHA384 FIPS ciphers to be enabled by default for RSA and ECC . . .
4
Opened
6 years ago
by
mharmsen
. Modified
4 years ago
dogtagpki
10.5.13
critical
#2995
SAN in internal SSL server certificate in pkispawn configuration step
11
Opened
6 years ago
by
mharmsen
. Modified
4 years ago
dogtagpki
10.5.8
critical
#2819
Incorrect SubjectID for CMC_SIGNED_REQUEST_SIG_VERIFY
2
Opened
7 years ago
by
edewata
. Modified
4 years ago
dogtagpki
10.5.1
blocker
#2879
missing audit event for CS acting as TLS client
3
Opened
7 years ago
by
cfu
. Modified
4 years ago
dogtagpki
10.5.13
critical
#2834
Missing CN causing NPE in CMCAuth
2
Opened
7 years ago
by
mharmsen
. Modified
4 years ago
dogtagpki
10.5.1
blocker
#3028
CMC CRMF request results in InvalidKeyFormatException when signing algorithm is ECC
2
Opened
6 years ago
by
mharmsen
. Modified
4 years ago
dogtagpki
10.5.9
blocker
#2979
SAN in internal SSL server certificate in pkispawn configuration step
4
Opened
6 years ago
by
msauton
. Modified
4 years ago
dogtagpki
10.5.8
#2959
Address ECC profile overrides
7
Opened
6 years ago
by
mharmsen
. Modified
4 years ago
dogtagpki
10.5.10
critical
#3033
CRMFPopClient tool - should allow option to do no key archival
3
Opened
6 years ago
by
cfu
. Modified
4 years ago
dogtagpki
10.5
blocker
#3003
AuditVerify failure due to line breaks
3
Opened
6 years ago
by
mharmsen
. Modified
4 years ago
dogtagpki
10.5.10
critical
#3041
Enable all config audit events
2
Opened
6 years ago
by
mharmsen
. Modified
4 years ago
dogtagpki
10.5.12
critical
#3086
Error instantiating class for challenge_password with SCEP request
1
Opened
6 years ago
by
mharmsen
. Modified
4 years ago
dogtagpki
0.0 NEEDS_TRIAGE
#3027
Unsupported RSA_ ciphers should be removed from the default ciphers list
3
Opened
6 years ago
by
mharmsen
. Modified
4 years ago
dogtagpki
10.5.13
critical
#11
Add support for TLS_*_SHA384 ciphers
2
Opened
6 years ago
by
mharmsen
. Modified
2 years ago
tomcatjss
7.2
critical