-
-
Notifications
You must be signed in to change notification settings - Fork 75
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Certvalidator report crl as good with one trust root, but invalid with two roots #417
Comments
Hi @peteris-zealid, I'm having some issues reproducing this against cryptography |
Pip freeze:
Random environment info
Took the liberty to add some print statements before the failing assert
Stack trace
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
It is possible to make crl validation fail by adding an extra trust root to validation context. The particular roots are taken from ICAO masterlist. A minimal example for reproducing the problem is attached. It depends on cryptography < 42.x.x
crl_validation_problem.py.txt
I would expect that extra trust roots in validation context cannot make validation fail.
The text was updated successfully, but these errors were encountered: