<html>
<head>
<meta content="text/html; charset=windows-1252"
http-equiv="Content-Type">
</head>
<body text="#000000" bgcolor="#FFFFFF">
verbal conditional ack from Jack.<br>
addressed and committed.<br>
<br>
commit 9a6a3d1cbf6e347b2cf0737afca4f793a6a0d0ba<br>
<br>
Christina<br>
<br>
<div class="moz-cite-prefix">On 01/13/2016 05:49 PM, Christina Fu
wrote:<br>
</div>
<blockquote cite="mid:5696FEA0.2040507@redhat.com" type="cite">Ticket
#1375 Provide cert/key retention for externalReg
<br>
Ticket #1514 TPS: Recovered certs on a token has status expired
<br>
Ticket #1587 External Registration Recovery only works for 1024
sized keys out of the box
<br>
This patch provides the cert/key retention feature for
externalReg. if the
<br>
certsToAdd field contains (serial,ca#) instead of the full
(serial, ca#,
<br>
keyId, kra#), then it is expecting the cert/key to be retained
from token
<br>
without having to do a full retrieval (recovery). This patch also
fixes the
<br>
issues reported in #1514 and #1587 as testing of #1375 is easier
with those
<br>
two issues addressed. An issue was found during development where
Coolkey
<br>
puts limits on the cert/key ids on the token and make it
impossible to inject
<br>
cert ID higher than 4, as it would then result in key ids into
two digits.
<br>
This issue will be filed as a separte ticket and addressed
separately. Most
<br>
testing will then be conducted.
<br>
<br>
thanks,
<br>
Christina
<br>
<br>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
Pki-devel mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Pki-devel@redhat.com">Pki-devel@redhat.com</a>
<a class="moz-txt-link-freetext" href="https://www.redhat.com/mailman/listinfo/pki-devel">https://www.redhat.com/mailman/listinfo/pki-devel</a></pre>
</blockquote>
<br>
</body>
</html>