DCDT Release Notes
303 views
Skip to first unread message
Direct Certificate Discovery Tool
Jun 12, 2014, 11:59:19 AM6/12/14
to directt...@googlegroups.com
DCDT Release Notes
The latest versions are at the top of these notes, with older versions below.
DCDT 3.1.2
4/5/2016
DCDT v3.1.2 has been released and is now live on SITE. This minor release fixes a bug found during testing a new version of the Direct .NET RI with DCDT v3.1.1. Some of the data in the CRLs published by DCDT were outside the bounds of what the RI expected, and other data -- the revocation dates -- needed to be listed as some time in the past.
The change included in this release is:
DCDT-322 .NET RI-related testing of D17 reveals required updates to the CRLs
DCDT v3.1.2 is available at http://sitenv.org/web/site/direct-certificate-discovery-tool-2015.
DCDT 3.1.1
1/13/2016
DCDT v3.1.1 has been released and is now live on SITE. This minor release fixes a bug found during initial public use of DCDT 3.1 related to the building of the X500Name for certificates.
The change included in this release is:
DCDT-321 Incorrect building of X500Name for subjectDN and issuerDN
DCDT-321 Incorrect building of X500Name for subjectDN and issuerDN
The DCDT JIRA project is available at http://jira.oncprojectracking.org/browse/DCDT.
DCDT v3.1.1 is available at http://sitenv.org/web/site/direct-certificate-discovery-tool-2015.
DCDT 3.1
12/14/2015
DCDT v3.1 has been released and is now live on the demo site. This version focuses on conforming to the Applicability Statement for Secure Health Transport version 1.2. Changes were centered around CRL verification and AIA certificate extensions.
The changes included in this release are:
DCDT-315 Switch build versioning to utilize Git
DCDT-316 Update build process to require Java 8
DCDT-318 Switch usages of SHA-1 to SHA-256
DCDT-319 Implement certificate AIA calssuers processing
DCDT-320 Implement certificate revocation checking via CRLs
The DCDT JIRA project is available at http://jira.oncprojectracking.org/browse/DCDT.
DCDT v3.1 is available at http://sitenv.org/web/site/direct-certificate-discovery-tool-2015.
DCDT 3.0.4
5/22/2015
DCDT v3.0.4 has been released and is now live on the demo site. This release changes the way that subjectAltNames (SANs) are handled in cases where there are either zero or more than one such entries. A certificate with zero SANs would previously pass the tests, but it will now fail, which is in line with the Direct Applicability Statement. A certificate with multiple SANs will now always pass, where previously it was dependent on the SAN ordering, and a warning will indicate that multiple SANs are present.
The changes included in this release are:
DCDT-243 Subject Alt Name validator only considers one value for each GeneralName
DCDT-310 Fix 508-compliance issues
DCDT-312 Address-bound and domain-bound certificates without a subjectAltName (SAN) extension are considered valid
The DCDT JIRA project is available at http://jira.oncprojectracking.org/browse/DCDT.
DCDT v3.0.4 is available at http://sitenv.org/direct-certificate-discovery-tool/.
DCDT 3.0.3
12/4/2014
DCDT v3.0.3 has been released and is now live on the demo site. The changes included in this release are:
DCDT-303 DNS resolution of MX records associated with the LDAP Discovery testcases is unpredictable for some users
DCDT-285 Refactor DNS and LDAP functional tests to utilize stable infrastructure
DCDT-278 CERT RRs with algorithm type 8 (RSASHA256) not supported for hosting testcases H1 and H2
DCDT-261 Add support and configuration for DNS TXT and PTR records
DCDT-169 Limit service logging
DCDT 3.0.2
DCDT-303 DNS resolution of MX records associated with the LDAP Discovery testcases is unpredictable for some users
DCDT-285 Refactor DNS and LDAP functional tests to utilize stable infrastructure
DCDT-278 CERT RRs with algorithm type 8 (RSASHA256) not supported for hosting testcases H1 and H2
DCDT-261 Add support and configuration for DNS TXT and PTR records
DCDT-169 Limit service logging
The DCDT JIRA project is available at http://jira.oncprojectracking.org/browse/DCDT.
DCDT v3.0.3 is available at http://sitenv.org/direct-certificate-discovery-tool/.
DCDT v2.1.2 no longer has a demo site.
DCDT 3.0.2
6/12/2014
DCDT v3.0.2 has been released and is now live on the demo site. The bug fixes included in this release are:
DCDT-238 Fix/improve file logging
DCDT-239 Improve handling of invalid mail service states
DCDT-240 LDAP certificate discovery must handle multi-valued userCertificate attributes
DCDT-242 Discovered certificate for Hosting testcases does not display a value for a subject Alt Name
DCDT-247 Fix result success display for negative Discovery testcases
DCDT-252 Limit number of open file handles
DCDT-253 Fix database system properties vs. auto-startup race condition
DCDT-254 Analyze/fix usages of DNS lookup service beans
DCDT-255 Fix default Java security provider usages in S/MIME
The DCDT JIRA project is available at http://jira.oncprojectracking.org/browse/DCDT.
DCDT v3.0.2 is available at http://demo.direct-test.com.
DCDT v2.1.2 is still available at http://demo212.direct-test.com.
DCDT 3.0.1
5/22/2014
DCDT v3.0.1 has been released and is now live on the demo site. The bug fixes included in this release are:
DCDT-235 Hosting testcase H2 fails subject DN validator when email address attribute is present for domain-bound certificates
DCDT-226 DNS service UDP I/O deadlocks during concurrent load
DCDT-223 D8 invalid target certificate will never be found
DCDT-224 Discovery of a sender certificate stops and fails if it cannot successfully discover an address-bound certificate in DNS
DCDT-225 Results for certificates hosted in LDAP with the usercertificate;binary attribute are not displayed for Hosting testcases
DCDT-228 Verification of email addresses in certificate subject alt names and subject DN should not be case-sensitive for hosting testcases
DCDT-229 Underscore should be allowed in the local part of the email name
All JIRA issues are viewable at http://jira.oncprojectracking.org/browse/DCDT.
DCDT v3.0.1 is available at http://demo.direct-test.com.
DCDT v2.1.2 is still available at http://demo212.direct-test.com.
DCDT 3.0
5/5/2014
The Direct Certificate Discovery Tool (DCDT) Development Team, on behalf of the Office of the National Coordinator for Health Information Technology (ONC), and the Direct Project community at large, are pleased to announce the release of DCDT version 3.0.
The themes of the version 3.0 release were ease of installation and setup, and more detailed feedback to the user. Significant enhancements and improvements were made to:
- Remove the dependency on the Direct Java RI, so that DCDT is now a stand-alone application with no dependency on the RI whatsoever.
- Simplify the setup of DCDT: two fields -- domain name and IP address -- in the administration console are all that is needed to completely and automatically configure the tool and its certificates.
- Provide detailed feedback to the user at each step of every test case: detailed success and error messages provide specific, useful information to the user.
The links to important artifacts are below:
DCDT Version 3.0 Code
Release Notes
User Guide
The release has been deployed on a demonstration instance at demo.direct-test.com.
User Guide
The release has been deployed on a demonstration instance at demo.direct-test.com.
Development of this release and any future issues can be viewed at our JIRA issue tracker, which is open to the public.
As always, we invite the community to participate in our Google Group with any questions or issues.
For more information on the Direct project, please contact Direct Project Coordinator, John Hall at directproject@directproject.org.
Sincerely,
Matthew Rahn
DCDT Product Manager
Office of Science and Technology, ONC
Matthe...@hhs.gov
Reply all
Reply to author
Forward
This conversation is locked
You cannot reply and perform actions on locked conversations.
0 new messages