| Age | Commit message (Expand) | Author |
|---|
| 2012-06-26 | Certificate UID fields forbidden by RPKI profile. | Rob Austein |
| 2012-06-24 | RFC 6485 contradicts RFCs 2630 and 3370, which make rsaEncryption the | Rob Austein |
| 2012-06-23 | Check OID in CMS SignerInfo contentType attribute (conformance). | Rob Austein |
| 2012-06-22 | More CMS conformance checks, and fix a couple I got wrong yesterday. | Rob Austein |
| 2012-06-22 | Check CMS SignerInfo algorithm OIDs (conformance). | Rob Austein |
| 2012-06-22 | Check CMS for presence of CRLs (conformance). | Rob Austein |
| 2012-06-21 | Check for duplicate names in manifest (conformance). | Rob Austein |
| 2012-06-21 | Tighter checking of integer values in input data (conformance). | Rob Austein |
| 2012-06-15 | Handle all "partial transfer" (rsync code 23) errors the same way. | Rob Austein |
| 2012-06-13 | Missing directory at repository site is not a transfer failure. | Rob Austein |
| 2012-03-21 | Shut up about skipped rsync connections when rsync is disabled. | Rob Austein |
| 2012-03-09 | Move AKI checks to precede signature check, as AKI checks are cheaper. | Rob Austein |
| 2012-03-09 | Fix fencepost error in walk_ctx_loop_next(). This closes #219. | Rob Austein |
| 2012-03-02 | Add keep-lockfile, to simplify process queuing. | Rob Austein |
| 2012-03-01 | Record failure when we can't even parse a trust anchor, much less | Rob Austein |
| 2012-02-26 | Allow configuration of authenticated and unauthenticated directories | Rob Austein |
| 2012-02-15 | Factor XML generation code out of main(), and don't overwrite old XML | Rob Austein |
| 2012-02-14 | Downgrade "AIA doesn't match issuer" to a warning. Closes #188. | Rob Austein |
| 2012-02-14 | Apparently an old version of the res-certs specification allowed | Rob Austein |
| 2012-02-03 | "Multiple rsync URIs in extension" should be warning, not error. | Rob Austein |
| 2012-02-02 | Tweak AIA/SIA/CRLDP checking again: don't accidently reject just for | Rob Austein |
| 2012-02-01 | AKI checks still weren't quite right. | Rob Austein |
| 2012-01-31 | Refactor CMS checks, which have gotten complex enough to be worth | Rob Austein |
| 2012-01-31 | AKI extension is optional for self-signed RPKI certificates. | Rob Austein |
| 2012-01-26 | Back out over-zealous change introduced as part of [4267] -- | Rob Austein |
| 2012-01-26 | Conformance: Check SKI value. | Rob Austein |
| 2012-01-26 | Conformance: Check CMS SID against EE SKI in ROAs. | Rob Austein |
| 2012-01-26 | Conformance tests: tighter checking of AIA and SIA extension values. | Rob Austein |
| 2012-01-25 | Conformance testing: negative serial numbers, wrong date encoding. | Rob Austein |
| 2012-01-25 | Conformance testing: Better checking of RSA keys. | Rob Austein |
| 2012-01-25 | Move a few tests out of the not-TA conditional. | Rob Austein |
| 2012-01-25 | Conformance: Rework checking of X509v3 extensions, add KeyUsage | Rob Austein |
| 2012-01-24 | Fix manifest digest length check. Move parse_cert() call etc into | Rob Austein |
| 2012-01-24 | Conformance tests: duplicate extensions. | Rob Austein |
| 2012-01-24 | Conformance tests: digest lengths. | Rob Austein |
| 2012-01-23 | Conformance tests: pedantic checks of key and signature algorithms. | Rob Austein |
| 2012-01-23 | Conformance tests: pedantic checks of CRL timestamps. | Rob Austein |
| 2012-01-23 | Conformance tests: pedantic checks on CRL issuer name, add option | Rob Austein |
| 2011-11-10 | Handle traversal of empty backup directory with no manifest correctly, | Rob Austein |
| 2011-11-10 | Andrew's torture tests detected a mis-ordering problem in | Rob Austein |
| 2011-10-27 | Back out [4066], as it didn't fix the problem and now appears | Rob Austein |
| 2011-10-27 | Doh, rc->validation_status isn't just for XML anymore. | Rob Austein |
| 2011-10-27 | Only recheck an object once. This isn't perfect, as there might be | Rob Austein |
| 2011-10-21 | Clean up messy timestamp-printing code. | Rob Austein |
| 2011-10-21 | Add <rsync_history/> elements to XML output (see #110). | Rob Austein |
| 2011-10-21 | Major cleanup of internal databases: | Rob Austein |
| 2011-10-16 | rsync_succeeded => rsync_transfer_succeeded for consistency with other | Rob Austein |
| 2011-10-14 | Log "object_accepted" when we decide we are happy with a TA certificate. | Rob Austein |
| 2011-10-14 | Add authenticated.old symlink for convenience of programs attempting | Rob Austein |
| 2011-10-14 | Preserve node creation order in validation status XML output. | Rob Austein |
