severity 858539 serious thanks
We should not release stretch with these certificates; not only would
it be embarrassing to do so given that they have ceased to work in
modern browsers for some time, we are also simply putting our users
at risk.
Whilst there will be more CA screwups in the future, we should release
with our reasonable best effort, which surely means "just" removing
these.
Regards,
--
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
