# Process this file with autoconf to produce a configure script.
AC_PREREQ([2.69])
-AC_INIT([fort],[1.6.1],[validadorfort@fortproject.net])
+AC_INIT([fort],[1.6.2],[validadorfort@fortproject.net])
AC_CONFIG_SRCDIR([src/main.c])
AM_INIT_AUTOMAKE([subdir-objects])
layout: "default"
image: "/img/logo_validador_og.png"
-fort-latest-version: 1.6.1
+fort-latest-version: 1.6.2
plugins:
- jekyll-seo-tag
- jekyll-sitemap
---
title: Home
-descrption: FORT validator is an RPKI Relying Party, a tool offered as part of the FORT project. It performs the validation of the entire RPKI repository and serves the resulting ROAs for easy access by your routers.
---
# {{ page.title }}
## Introduction
-The FORT validator is an MIT-licensed RPKI Relying Party, offered as part of the [FORT project](https://www.fortproject.net/). It is a service that performs the validation of the entire RPKI repository, and which serves the resulting ROAs for easy access by your routers.
+FORT validator is an MIT-licensed RPKI Relying Party, offered as part of the [FORT project](https://www.fortproject.net/). It is a service that performs the validation of the entire RPKI repository, and which serves the resulting ROAs for easy access by your routers.
## Status
The Validator is a timer that, [every once in a while](usage.html#--serverintervalvalidation), resynchronizes its [local cache of the RPKI Repository](usage.html#--local-repository), validates the resulting [certificate chains](intro-rpki.html) and stores the resulting valid ROAs in memory. The RTR [Server](usage.html#--serveraddress) (which is part of the same binary) delivers these ROAs to any requesting routers.
-Fort is a command-line application intended for UNIX operating systems, written in C. (It requires a compiler that supports `-std=gnu11`.)
-
-## Standards Compliance
-
-Further information can be found in the subsections below.
-
-| RFC | Implemented |
-|----------------------------------------------------------------------------|-------------|
-| [3779](https://tools.ietf.org/html/rfc3779) (IP & AS Extensions) | 100% |
-| [6350](https://tools.ietf.org/html/rfc6350) (vCard) | 0% |
-| [6482](https://tools.ietf.org/html/rfc6482) (ROA) | 100% |
-| [6486](https://tools.ietf.org/html/rfc6486) (Manifests) | 100% |
-| [6487](https://tools.ietf.org/html/rfc6487) (Resource Certificates & CRLs) | 100% |
-| [6488](https://tools.ietf.org/html/rfc6488) (Signed Objects) | 100% |
-| [6493](https://tools.ietf.org/html/rfc6493) (Ghostbusters) | 100% |
-| [6810](https://tools.ietf.org/html/rfc6810) (RTR Version 0) | 100% |
-| [7318](https://tools.ietf.org/html/rfc7318) (Policy Qualifiers) | 100% |
-| [7935](https://tools.ietf.org/html/rfc7935) (RPKI algorithms) | 100% |
-| [8182](https://tools.ietf.org/html/rfc8182) (RRDP) | 100% |
-| [8209](https://tools.ietf.org/html/rfc8209) (BGPSec Certificates) | 0% (This code was [disabled](https://github.com/NICMx/FORT-validator/issues/58#issuecomment-941977925) in version 1.5.2) |
-| [8210](https://tools.ietf.org/html/rfc8210) (RTR Version 1) | 100% |
-| [8360](https://tools.ietf.org/html/rfc8360) (Validation Reconsidered) | 100% |
-| [8416](https://tools.ietf.org/html/rfc8416) (SLURM) | 100% |
-| [8608](https://tools.ietf.org/html/rfc8608) (BGPsec algorithms) | 100% |
-| [8630](https://tools.ietf.org/html/rfc8630) (TALs with HTTPS URIs) | 100% |
-
-### RFC 6350 (vCard)
-
-The vCard format is only used by Ghostbusters records. 6350 defines the basic vCard format, while 6493 defines additional requirements for Ghostbusters-specific vCard.
-
-The specific validations have been implemented, while the basic ones have not.
-
-## TO-DO
-
-- Reach 100% RFC compliance
-- Trigger revalidation and SLURM reload on SIGHUP.
-- Configurable origin address for outgoing requests.
+Fort is a command-line application intended for UNIX operating systems, written in C.
+
+## Roadmap
+
+<!-- Remember to remove issues 59 and 60 during import -->
+
+| Issue | Title | Urgency | Due release |
+|-------|-------|---------|-------------|
+| [issue122](https://github.com/NICMx/FORT-validator/issues/122) | New invocation mode: Decode and print RPKI file in standard output | <span class="urgency-very-high">Very High</span> | <a href="https://github.com/NICMx/FORT-validator/milestone/11">1.6.2</a> |
+| [issue82](https://github.com/NICMx/FORT-validator/issues/82) | Reach 100% RFC 9286 compliance | <span class="urgency-critical">Critical</span> | <a href="https://github.com/NICMx/FORT-validator/milestone/12">1.6.3</a> |
+| [issue112](https://github.com/NICMx/FORT-validator/issues/112) | Enforce same origin for RRDP files | <span class="urgency-high">High</span> | <a href="https://github.com/NICMx/FORT-validator/milestone/12">1.6.3</a> |
+| [issue113](https://github.com/NICMx/FORT-validator/issues/113) | Detect and properly respond to subtler RRDP session desynchronization | <span class="urgency-medium">Medium</span> | <a href="https://github.com/NICMx/FORT-validator/milestone/12">1.6.3</a> |
+| [issue114](https://github.com/NICMx/FORT-validator/issues/114) | Support automatic TA key rollover | <span class="urgency-very-high">Very High</span> | <a href="https://github.com/NICMx/FORT-validator/milestone/13">1.6.4</a> |
+| [issue50](https://github.com/NICMx/FORT-validator/issues/50) | Provide prometheus endpoint | <span class="urgency-very-high">Very High</span> | <a href="https://github.com/NICMx/FORT-validator/milestone/14">1.6.5</a> |
+| [issue58](https://github.com/NICMx/FORT-validator/issues/58) | Fort's validation produces no router keys | <span class="urgency-very-high">Very High</span> | <a href="https://github.com/NICMx/FORT-validator/milestone/15">1.6.6</a> |
+| [issue74](https://github.com/NICMx/FORT-validator/issues/74) | Kill rsync if a timeout is exceeded | <span class="urgency-very-high">Very High</span> | <a href="https://github.com/NICMx/FORT-validator/milestone/16">1.6.7</a> |
+| [issue116](https://github.com/NICMx/FORT-validator/issues/116) | SLURM review | <span class="urgency-high">High</span> | - |
+| [issue118](https://github.com/NICMx/FORT-validator/issues/118) | Implement validation re-reconsidered | <span class="urgency-high">High</span> | - |
+| [issue119](https://github.com/NICMx/FORT-validator/issues/119) | Review IRIs to file names transition | <span class="urgency-high">High</span> | - |
+| [issue120](https://github.com/NICMx/FORT-validator/issues/120) | Error messages review | <span class="urgency-high">High</span> | - |
+| [issue121](https://github.com/NICMx/FORT-validator/issues/121) | Refactor validation and operation logging | <span class="urgency-high">High</span> | - |
+| [issue72](https://github.com/NICMx/FORT-validator/issues/72) | Encrypt RTR | <span class="urgency-medium">Medium</span> | - |
+| [issue73](https://github.com/NICMx/FORT-validator/issues/73) | Minimize probability of RTR session ID and serial reuse | <span class="urgency-medium">Medium</span> | - |
+| [issue90](https://github.com/NICMx/FORT-validator/issues/90) | Add "metadata" section to json output | <span class="urgency-medium">Medium</span> | - |
+| [issue91](https://github.com/NICMx/FORT-validator/issues/91) | Add "ta" field to ROAs in json output | <span class="urgency-medium">Medium</span> | - |
+| [issue97](https://github.com/NICMx/FORT-validator/issues/97) | Add "incidence" fields for every nonfatal RFC incompliance | <span class="urgency-medium">Medium</span> | - |
+| [issue117](https://github.com/NICMx/FORT-validator/issues/117) | Warn on maxLength defined on SLURM | <span class="urgency-medium">Medium</span> | - |
+| [issue124](https://github.com/NICMx/FORT-validator/issues/124) | Atomize output files (`--output.roa` and `--output.bgpsec`) | <span class="urgency-medium">Medium</span> | - |
+| [issue125](https://github.com/NICMx/FORT-validator/issues/125) | ASN.1 review | <span class="urgency-medium">Medium</span> | - |
+| [issue126](https://github.com/NICMx/FORT-validator/issues/126) | Exhaustive URL validation | <span class="urgency-medium">Medium</span> | - |
+| [issue127](https://github.com/NICMx/FORT-validator/issues/127) | Stream RRDP files | <span class="urgency-medium">Medium</span> | - |
+| [issue128](https://github.com/NICMx/FORT-validator/issues/128) | Reuse TCP connections for HTTP requests to same server | <span class="urgency-medium">Medium</span> | - |
+| [issue129](https://github.com/NICMx/FORT-validator/issues/129) | Rethink the thread pools | <span class="urgency-medium">Medium</span> | - |
+| [issue130](https://github.com/NICMx/FORT-validator/issues/130) | Improve documentation | <span class="urgency-medium">Medium</span> | - |
+| [issue40](https://github.com/NICMx/FORT-validator/issues/40) | failure scenarios, monitoring and glibc recommendations | <span class="urgency-low">Low</span> | - |
+| [issue42](https://github.com/NICMx/FORT-validator/issues/42) | reload feature: restart validation on SIGHUP | <span class="urgency-low">Low</span> | - |
+| [issue70](https://github.com/NICMx/FORT-validator/issues/70) | Do a quick temporary offline validation to prevent `No Data Available` | <span class="urgency-low">Low</span> | - |
+| [issue123](https://github.com/NICMx/FORT-validator/issues/123) | New invocation mode: Validate single file | <span class="urgency-low">Low</span> | - |
+| [issue131](https://github.com/NICMx/FORT-validator/issues/131) | Implement vCard validation | <span class="urgency-low">Low</span> | - |
+| [issue132](https://github.com/NICMx/FORT-validator/issues/132) | Implement RTRv2 | <span class="urgency-low">Low</span> | - |
+| [issue134](https://github.com/NICMx/FORT-validator/issues/134) | Implement draft-ietf-sidrops-cms-signing-time | <span class="urgency-low">Low</span> | - |
+
+++ /dev/null
----
-title: Roadmap
----
-
-# Roadmap
-
-<!-- Remember to remove issues 59 and 60 during import -->
-
-| Issue | Title | Urgency | Due release |
-|-------|-------|---------|-------------|
-| [issue122](https://github.com/NICMx/FORT-validator/issues/122) | New invocation mode: Decode and print RPKI file in standard output | <span class="urgency-very-high">Very High</span> | <a href="https://github.com/NICMx/FORT-validator/milestone/11">1.6.2</a> |
-| [issue82](https://github.com/NICMx/FORT-validator/issues/82) | Reach 100% RFC 9286 compliance | <span class="urgency-critical">Critical</span> | <a href="https://github.com/NICMx/FORT-validator/milestone/12">1.6.3</a> |
-| [issue112](https://github.com/NICMx/FORT-validator/issues/112) | Enforce same origin for RRDP files | <span class="urgency-high">High</span> | <a href="https://github.com/NICMx/FORT-validator/milestone/12">1.6.3</a> |
-| [issue113](https://github.com/NICMx/FORT-validator/issues/113) | Detect and properly respond to subtler RRDP session desynchronization | <span class="urgency-medium">Medium</span> | <a href="https://github.com/NICMx/FORT-validator/milestone/12">1.6.3</a> |
-| [issue50](https://github.com/NICMx/FORT-validator/issues/50) | Provide prometheus endpoint | <span class="urgency-very-high">Very High</span> | - |
-| [issue58](https://github.com/NICMx/FORT-validator/issues/58) | Fort's validation produces no router keys | <span class="urgency-very-high">Very High</span> | - |
-| [issue74](https://github.com/NICMx/FORT-validator/issues/74) | Kill rsync if a timeout is exceeded | <span class="urgency-very-high">Very High</span> | - |
-| [issue114](https://github.com/NICMx/FORT-validator/issues/114) | Support automatic TA key rollover | <span class="urgency-very-high">Very High</span> | - |
-| [issue116](https://github.com/NICMx/FORT-validator/issues/116) | SLURM review | <span class="urgency-high">High</span> | - |
-| [issue118](https://github.com/NICMx/FORT-validator/issues/118) | Implement validation re-reconsidered | <span class="urgency-high">High</span> | - |
-| [issue119](https://github.com/NICMx/FORT-validator/issues/119) | Review IRIs to file names transition | <span class="urgency-high">High</span> | - |
-| [issue120](https://github.com/NICMx/FORT-validator/issues/120) | Error messages review | <span class="urgency-high">High</span> | - |
-| [issue121](https://github.com/NICMx/FORT-validator/issues/121) | Refactor validation and operation logging | <span class="urgency-high">High</span> | - |
-| [issue72](https://github.com/NICMx/FORT-validator/issues/72) | Encrypt RTR | <span class="urgency-medium">Medium</span> | - |
-| [issue73](https://github.com/NICMx/FORT-validator/issues/73) | Minimize probability of RTR session ID and serial reuse | <span class="urgency-medium">Medium</span> | - |
-| [issue90](https://github.com/NICMx/FORT-validator/issues/90) | Add "metadata" section to json output | <span class="urgency-medium">Medium</span> | - |
-| [issue91](https://github.com/NICMx/FORT-validator/issues/91) | Add "ta" field to ROAs in json output | <span class="urgency-medium">Medium</span> | - |
-| [issue97](https://github.com/NICMx/FORT-validator/issues/97) | Add "incidence" fields for every nonfatal RFC incompliance | <span class="urgency-medium">Medium</span> | - |
-| [issue117](https://github.com/NICMx/FORT-validator/issues/117) | Warn on maxLength defined on SLURM | <span class="urgency-medium">Medium</span> | - |
-| [issue124](https://github.com/NICMx/FORT-validator/issues/124) | Atomize output files (`--output.roa` and `--output.bgpsec`) | <span class="urgency-medium">Medium</span> | - |
-| [issue125](https://github.com/NICMx/FORT-validator/issues/125) | ASN.1 review | <span class="urgency-medium">Medium</span> | - |
-| [issue126](https://github.com/NICMx/FORT-validator/issues/126) | Exhaustive URL validation | <span class="urgency-medium">Medium</span> | - |
-| [issue127](https://github.com/NICMx/FORT-validator/issues/127) | Stream RRDP files | <span class="urgency-medium">Medium</span> | - |
-| [issue128](https://github.com/NICMx/FORT-validator/issues/128) | Reuse TCP connections for HTTP requests to same server | <span class="urgency-medium">Medium</span> | - |
-| [issue129](https://github.com/NICMx/FORT-validator/issues/129) | Rethink the thread pools | <span class="urgency-medium">Medium</span> | - |
-| [issue130](https://github.com/NICMx/FORT-validator/issues/130) | Improve documentation | <span class="urgency-medium">Medium</span> | - |
-| [issue40](https://github.com/NICMx/FORT-validator/issues/40) | failure scenarios, monitoring and glibc recommendations | <span class="urgency-low">Low</span> | - |
-| [issue42](https://github.com/NICMx/FORT-validator/issues/42) | reload feature: restart validation on SIGHUP | <span class="urgency-low">Low</span> | - |
-| [issue70](https://github.com/NICMx/FORT-validator/issues/70) | Do a quick temporary offline validation to prevent `No Data Available` | <span class="urgency-low">Low</span> | - |
-| [issue123](https://github.com/NICMx/FORT-validator/issues/123) | New invocation mode: Validate single file | <span class="urgency-low">Low</span> | - |
-| [issue131](https://github.com/NICMx/FORT-validator/issues/131) | Implement vCard validation | <span class="urgency-low">Low</span> | - |
-| [issue132](https://github.com/NICMx/FORT-validator/issues/132) | Implement RTRv2 | <span class="urgency-low">Low</span> | - |
-
<pre><code>{
"<a href="#--tal">tal</a>": "/tmp/fort/tal/",
"<a href="#--local-repository">local-repository</a>": "/tmp/fort/repository",
- "<a href="#--work-offline">work-offline</a>": false,
"<a href="#--maximum-certificate-depth">maximum-certificate-depth</a>": 32,
+ "<a href="#--slurm">slurm</a>": "/tmp/fort/test.slurm",
"<a href="#--mode">mode</a>": "server",
+ "<a href="#--work-offline">work-offline</a>": false,
"<a href="#--daemon">daemon</a>": false,
- "<a href="#--slurm">slurm</a>": "/tmp/fort/test.slurm",
- "<a href="#--asn1-decode-max-stack">asn1-decode-max-stack</a>": 4096,
"server": {
"<a href="#--serveraddress">address</a>": [
}
},
- "log": {
- "<a href="#--logenabled">enabled</a>": true,
- "<a href="#--logoutput">output</a>": "console",
- "<a href="#--loglevel">level</a>": "info",
- "<a href="#--logtag">tag</a>": "Operation",
- "<a href="#--logfacility">facility</a>": "daemon",
- "<a href="#--logfile-name-format">file-name-format</a>": "global-url",
- "<a href="#--logcolor-output">color-output</a>": false
- },
-
- "validation-log": {
- "<a href="#--validation-logenabled">enabled</a>": false,
- "<a href="#--validation-logoutput">output</a>": "console",
- "<a href="#--validation-loglevel">level</a>": "warning",
- "<a href="#--validation-logtag">tag</a>": "Validation",
- "<a href="#--validation-logfacility">facility</a>": "daemon",
- "<a href="#--validation-logfile-name-format">file-name-format</a>": "global-url",
- "<a href="#--validation-logcolor-output">color-output</a>": false
- },
-
- "http": {
- "<a href="#--httpenabled">enabled</a>": true,
- "<a href="#--httppriority">priority</a>": 60,
- "retry": {
- "<a href="#--httpretrycount">count</a>": 1,
- "<a href="#--httpretryinterval">interval</a>": 4
- },
- "<a href="#--httpuser-agent">user-agent</a>": "{{ page.command }}/{{ site.fort-latest-version }}",
- "<a href="#--httpconnect-timeout">max-redirs</a>": 10,
- "<a href="#--httpconnect-timeout">connect-timeout</a>": 30,
- "<a href="#--httptransfer-timeout">transfer-timeout</a>": 0,
- "<a href="#--httplow-speed-limit">low-speed-limit</a>": 100000,
- "<a href="#--httplow-speed-time">low-speed-time</a>": 10,
- "<a href="#--httpmax-file-size">max-file-size</a>": 1000000000,
- "<a href="#--httpca-path">ca-path</a>": "/usr/local/ssl/certs"
- },
-
"rsync": {
"<a href="#--rsyncenabled">enabled</a>": true,
"<a href="#--rsyncpriority">priority</a>": 50,
]
},
+ "http": {
+ "<a href="#--httpenabled">enabled</a>": true,
+ "<a href="#--httppriority">priority</a>": 60,
+ "retry": {
+ "<a href="#--httpretrycount">count</a>": 1,
+ "<a href="#--httpretryinterval">interval</a>": 4
+ },
+ "<a href="#--httpuser-agent">user-agent</a>": "fort/1.6.2",
+ "<a href="#--httpmax-redirs">max-redirs</a>": 10,
+ "<a href="#--httpconnect-timeout">connect-timeout</a>": 30,
+ "<a href="#--httptransfer-timeout">transfer-timeout</a>": 0,
+ "<a href="#--httplow-speed-limit">low-speed-limit</a>": 100000,
+ "<a href="#--httplow-speed-time">low-speed-time</a>": 10,
+ "<a href="#--httpmax-file-size">max-file-size</a>": 1000000000,
+ "<a href="#--httpca-path">ca-path</a>": "/usr/local/ssl/certs"
+ },
+
+ "log": {
+ "<a href="#--logenabled">enabled</a>": true,
+ "<a href="#--logoutput">output</a>": "console",
+ "<a href="#--loglevel">level</a>": "info",
+ "<a href="#--logtag">tag</a>": "Operation",
+ "<a href="#--logfacility">facility</a>": "daemon",
+ "<a href="#--logfile-name-format">file-name-format</a>": "global-url",
+ "<a href="#--logcolor-output">color-output</a>": false
+ },
+
+ "validation-log": {
+ "<a href="#--validation-logenabled">enabled</a>": false,
+ "<a href="#--validation-logoutput">output</a>": "console",
+ "<a href="#--validation-loglevel">level</a>": "warning",
+ "<a href="#--validation-logtag">tag</a>": "Validation",
+ "<a href="#--validation-logfacility">facility</a>": "daemon",
+ "<a href="#--validation-logfile-name-format">file-name-format</a>": "global-url",
+ "<a href="#--validation-logcolor-output">color-output</a>": false
+ },
+
"<a href="#incidences">incidences</a>": [
{
"name": "incid-hashalg-has-params",
"action": "ignore"
- },
- {
+ }, {
"name": "incid-obj-not-der-encoded",
"action": "ignore"
- },
- {
+ }, {
"name": "incid-file-at-mft-not-found",
"action": "error"
- },
- {
+ }, {
"name": "incid-file-at-mft-hash-not-match",
"action": "error"
- },
- {
+ }, {
"name": "incid-mft-stale",
"action": "error"
- },
- {
+ }, {
"name": "incid-crl-stale",
"action": "error"
}
"<a href="#--outputformat">format</a>": "csv"
},
+ "<a href="#--asn1-decode-max-stack">asn1-decode-max-stack</a>": 4096,
+
"thread-pool": {
"server": {
"<a href="#--thread-poolservermax">max</a>": 20
-.TH fort 8 "2023-12-15" "v1.6.1" "FORT validator"
+.TH fort 8 "2024-05-24" "v1.6.2" "FORT validator"
.SH NAME
fort \- RPKI validator and RTR server
.SH DESCRIPTION
-Fort is an RPKI "Relying Party" (RP). It's an artifact that validates Route
-Origin Attestations (ROAs) and BGPsec Router Keys, by way of a Public Key
+Fort is an RPKI "Relying Party" (RP), an artifact that validates Route
+Origin Attestations (ROAs) by way of a Public Key
Infrastructure (PKI). ROAs are employed by routers, to verify BGP routing
attestations.
.P
-The main validation input is one or more Trust Anchor Locator (TAL) files
+Its main input is one or more Trust Anchor Locator (TAL) files
(\fI--tal\fR), which point to the RPKI Trust Anchors (ie. root certificates).
Fort downloads all the resources governed by the trust anchors into a local
cache (\fI--local-repository\fR), and proceeds to validate their entirety. The
-output of the validation is a set of trusted ROAs and Router Keys, which are
-printed to files (\fI--output.roa\fR and \fI--output.bgpsec\fR) and/or served to
+output of the validation is a set of VRPs (Validated ROA Payloads), which are
+served to
routers (\fI--mode=server\fR, \fI--server.address\fR, \fI--server.port\fR)
-through the RTR protocol (version 0 or 1).
+through the RTR protocol (RFC 6810).
.SH OPTIONS
.TP
{
"tal": "/tmp/fort/tal/",
"local-repository": "/tmp/fort/repository",
- "work-offline": false,
"maximum-certificate-depth": 32,
+ "slurm": "/tmp/fort/test.slurm",
"mode": "server",
+ "work-offline": false,
"daemon": false,
- "slurm": "/tmp/fort/test.slurm",
- "asn1-decode-max-stack": 4096,
"server": {
"address": [
}
},
- "log": {
- "enabled": true,
- "output": "console",
- "level": "info",
- "tag": "Operation",
- "facility": "daemon",
- "file-name-format": "global-url",
- "color-output": false
- },
-
- "validation-log": {
- "enabled": false,
- "output": "console",
- "level": "warning",
- "tag": "Validation",
- "facility": "daemon",
- "file-name-format": "global-url",
- "color-output": false
- },
-
- "http": {
- "enabled": true,
- "priority": 60,
- "retry": {
- "count": 1,
- "interval": 4
- },
- "user-agent": "fort/1.6.0",
- "max-redirs": 10,
- "connect-timeout": 30,
- "transfer-timeout": 0,
- "low-speed-limit": 100000,
- "low-speed-time": 10,
- "max-file-size": 1000000000,
- "ca-path": "/usr/local/ssl/certs"
- },
-
"rsync": {
"enabled": true,
"priority": 50,
]
},
+ "http": {
+ "enabled": true,
+ "priority": 60,
+ "retry": {
+ "count": 1,
+ "interval": 4
+ },
+ "user-agent": "fort/1.6.2",
+ "max-redirs": 10,
+ "connect-timeout": 30,
+ "transfer-timeout": 0,
+ "low-speed-limit": 100000,
+ "low-speed-time": 10,
+ "max-file-size": 1000000000,
+ "ca-path": "/usr/local/ssl/certs"
+ },
+
+ "log": {
+ "enabled": true,
+ "output": "console",
+ "level": "info",
+ "tag": "Operation",
+ "facility": "daemon",
+ "file-name-format": "global-url",
+ "color-output": false
+ },
+
+ "validation-log": {
+ "enabled": false,
+ "output": "console",
+ "level": "warning",
+ "tag": "Validation",
+ "facility": "daemon",
+ "file-name-format": "global-url",
+ "color-output": false
+ },
+
"incidences": [
{
"name": "incid-hashalg-has-params",
"action": "ignore"
- },
- {
+ }, {
"name": "incid-obj-not-der-encoded",
"action": "ignore"
- },
- {
+ }, {
"name": "incid-file-at-mft-not-found",
"action": "error"
- },
- {
+ }, {
"name": "incid-file-at-mft-hash-not-match",
"action": "error"
- },
- {
+ }, {
"name": "incid-mft-stale",
"action": "error"
- },
- {
+ }, {
"name": "incid-crl-stale",
"action": "error"
}
"format": "csv"
},
+ "asn1-decode-max-stack": 4096,
+
"thread-pool": {
"server": {
"max": 20
projects / thirdparty / FORT-validator.git / commitdiff
