Package: telepathy-gabble Version: 0.13.5-1 Severity: normal -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
When connecting to the server for robots.org.uk, Empathy claims that the CA certificate that signed the server's SSL certificate is self-signed. However, it has correctly been installed into the /etc/ssl/certificates/ca-certificates file, and should therefore be trusted. The example uses SMTP because I know how to speak it; both services use a certificate signed by the same CA certificate. $ gnutls-cli -p 25 crypt.ethx.net --starttls --x509cafile /etc/ssl/certs/ca-certificates.crt Processed 159 CA certificate(s). Resolving 'crypt.ethx.net'... Connecting to '82.165.27.140:25'... - - Simple Client Mode: 220 crypt.ethx.net ESMTP Exim 4.72 Mon, 29 Aug 2011 10:12:12 +0100 ehlo sam 250-crypt.ethx.net Hello host-92-21-148-90.as13285.net [92.21.148.90] 250-SIZE 52428800 250-8BITMIME 250-PIPELINING 250-STARTTLS 250 HELP starttls 220 TLS go ahead *** Starting TLS handshake - - Ephemeral Diffie-Hellman parameters - Using prime: 2048 bits - Secret key: 2045 bits - Peer's public key: 2044 bits - - Certificate type: X.509 - Got a certificate list of 1 certificates. - Certificate[0] info: - subject `CN=crypt.ethx.net', issuer `C=GB,O=robots.org.uk,OU=robots.org.uk certificate authority,CN=robots.org.uk certificate authority', RSA key 2048 bits, signed using RSA-SHA1, activated `2010-10-30 14:22:44 UTC', expires `2015-10-29 14:22:44 UTC', SHA-1 fingerprint `712f30a8c82e6a714dd4fc7166c6d9d0b1fcfedf' - - The hostname in the certificate matches 'crypt.ethx.net'. - - Peer's certificate is trusted - - Version: TLS1.0 - - Key Exchange: DHE-RSA - - Cipher: AES-128-CBC - - MAC: SHA1 - - Compression: NULL I have only received this notification since upgrading from squeeze; I'm not sure if that was because the warning was ignored before, or because gabble no longer trusts the certificates in /etc/SSL/certs/ca-certificates.crt. - -- System Information: Debian Release: wheezy/sid APT prefers stable-updates APT policy: (550, 'stable-updates'), (550, 'stable'), (540, 'testing'), (530, 'unstable'), (520, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 3.0.0-1-amd64 (SMP w/4 CPU cores) Locale: LANG=en_GB.utf8, LC_CTYPE=en_GB.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages telepathy-gabble depends on: ii libc6 2.13-16 Embedded GNU C Library: Shared lib ii libdbus-1-3 1.4.14-1 simple interprocess messaging syst ii libdbus-glib-1-2 0.88-2.1 simple interprocess messaging syst ii libglib2.0-0 2.28.6-1 The GLib library of C routines ii libgnutls26 2.12.7-7 GNU TLS library - runtime library ii libnice10 0.1.0-2 ICE library (shared library) ii libsoup2.4-1 2.34.3-1 HTTP library implementation in C - ii libsqlite3-0 3.7.7-2 SQLite 3 shared library ii libtelepathy-glib0 0.15.5-1 Telepathy framework - GLib library ii libxml2 2.7.8.dfsg-2+squeeze1 GNOME XML library telepathy-gabble recommends no packages. telepathy-gabble suggests no packages. - -- no debconf information -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iEYEARECAAYFAk5bWTkACgkQshl/216gEHjTBQCeOkTcdla24PfprO8GuBA8HlE/ exEAni1JojlqRUTJ+y+kQ3kVHhGhlkg9 =IKzB -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
