Neal Gompa <ngompa13 <at> gmail.com> writes: > Is there a simple way to test if the issue is a problem on Fedora? I > don't even know of any sites with TLS 1.2 using MD5 signatures, > especially when Chrome "broke" signatures that weren't SHA-256 or > better for SSLv3 and stronger a year ago...
I guess one can always generate a cert with MD5 signature and try over TLS 1.2. However, the plot thickens. Although 43.0.2 release notes say that security issues were fixed, none are listed for that version any longer on the detailed security fixes page. So, maybe Mozilla changed their mind or something. Anyhow, Fedora builds of 43.0.3 have been submitted for testing, so all this is moot. -- Bojan -- devel mailing list devel@lists.fedoraproject.org http://lists.fedoraproject.org/admin/lists/devel@lists.fedoraproject.org
