diff --git a/iso15118/secc/states/iso15118_2_states.py b/iso15118/secc/states/iso15118_2_states.py index d4cc0019..6c6d239c 100644 --- a/iso15118/secc/states/iso15118_2_states.py +++ b/iso15118/secc/states/iso15118_2_states.py @@ -874,6 +874,10 @@ async def process_message( # TODO Either an MO Root certificate or a V2G Root certificate # could be used to verify, need to be flexible with regards # to the PKI that is used. + # TODO GitHub#94: If root_cert is not present, we should + # fall back to sending the leaf and sub-CA certificates, + # allowing the CSMS to attempt to retrieve the root certificate + # and construct the OCSP data itself. root_cert_path = self._mobility_operator_root_cert_path() root_cert = load_cert(root_cert_path) verify_certs(leaf_cert, sub_ca_certs, root_cert) diff --git a/iso15118/shared/messages/enums.py b/iso15118/shared/messages/enums.py index a7c5c3e5..95d2ab80 100644 --- a/iso15118/shared/messages/enums.py +++ b/iso15118/shared/messages/enums.py @@ -423,5 +423,5 @@ class Contactor(IntEnum): class AuthorizationTokenType(str, Enum): EMAID = "eMAID" - # TODO: Do we need to define this in a more complete way? + # TODO GitHub#95: Do we need to define this in a more complete way? EXTERNAL = "external" diff --git a/iso15118/shared/security.py b/iso15118/shared/security.py index 9740987f..24e88b85 100644 --- a/iso15118/shared/security.py +++ b/iso15118/shared/security.py @@ -1168,7 +1168,7 @@ def derive_certificate_hash_data( try: responder_url = get_ocsp_url_for_certificate(certificate) except (ExtensionNotFound, OCSPServerNotFoundError): - # TODO: This may just result in failure down the road. + # TODO GitHub#96: This may just result in failure down the road. # Should we let this fail on these exceptions, or is there # another way to try to get a responder_url? responder_url = "https://www.example.com/"