On Thu, 13 Mar 2014 at 23:11, Raphael Geissert wrote:
> Control: severity -1 important

The severity is critical as it breaks several unrelated packages and breaks security.

> > Moreover, it opens security holes to such systems as it is not possible
> > anymore to be sure that a certificate is valid.
>
> Any tool that doesn't ask for confirmation or that doesn't require a special
> parameter to connect to any server for which it can not verify the validity
> of the certificate should be fixed. Don't hesitate to file a bug report
> against those tools.

That was not the point of this fact. I'm fully with you but it doesn't help in most cases as where do you want to get the correct fingerprint from? There is no secure way if you cannot get it directly from the server direct from the shell if you have no trust path.

Even more, it has been shown that users just click on OK for unknown certificates. So this makes the problem even more urgent.

Regards
Klaus

--
Klaus Ethgen http://www.ethgen.ch/
pub 4096R/4E20AF1C 2011-05-16 Klaus Ethgen <[email protected]>
Fingerprint: 85D4 CA42 952C 949B 1753 62B3 79D0 B06F 4E20 AF1C

