Bug#624874: icedove: Some recognized Certificate Authorities missing
Hello, Am 25.08.2015 um 11:47 schrieb pitxyoki: > However, I recall that the main point here was that Icedove was not > recognizing the same certificate chains that Iceweasel would - I never > had to manually accept anything on Iceweasel for the same chain. If > meanwhile the CA repositories were updated, this should no longer be > an issue. the various CA's comes from the package libnss, so if Iceweasel and Icedove use the same package they also use the same base of certificate authorities. But sometimes, especially if we do security uploads, booth packages have to use the libnss within the source. By this it can happen you see different CA's in booth packages as there are different versions possible. -- Regards Carsten Schoenert
Bug#624874: icedove: Some recognized Certificate Authorities missing
Hello Carsten, Meanwhile my e-mail provider changed name and address, and unfortunately I also stopped using Icedove to synchronize it. However, I recall that the main point here was that Icedove was not recognizing the same certificate chains that Iceweasel would - I never had to manually accept anything on Iceweasel for the same chain. If meanwhile the CA repositories were updated, this should no longer be an issue. As I won't be able to reproduce this issue, feel free to close it. Thank you and best regards, -- Luís Picciochi Oliveira On 25/08/2015, Carsten Schoenert wrote: > Version: 38.0.1-1 > > > Hello Luís Picciochi, > > maybe a little bit late but I think this issue is gone long ago. > > On Mon, May 02, 2011 at 12:56:27PM +0100, Luís Picciochi Oliveira wrote: >> Package: icedove >> Version: 3.1.9-2 >> Severity: normal >> >> >> Hi, >> >> Recently, Icedove stopped recognizing my e-mail provider's certificate. As >> soon >> as it tries to connect to the server I see a message saying that >> >> "This site attempts to identify itself with invalid information. >> Unknown Identity >> Certificate is not trusted, because it hasn't been verified by a >> recognised >> authority." >> >> I have to click "Confirm Security Exception" for the certificate to be >> recognised (I never clicked "Permanently confirm this exception" on >> purpose). >> You can see the window with the certificate's details on the attached >> image. > > That's a normal thing if you don't accept the certificate at one point. > Icedove just nows nothing about such certificates as there is no trust > chain that solves the certificate of your provider. > If you trust the cert of your provider there is nothing to concern > about, store the cert and Icedove will not complain anymore. > >> What's more, I can see that the CA information for "VeriSign Class 3 >> Secure >> Server CA - G3" is in fact missing from Icedove's Certificate Manager, but >> that >> same certificate is present on Iceweasel's CM. Other CAs might be missing >> from >> Icedove, it would be nice to have the same list of recognised CAs on >> Icedove as >> what is present on Iceweasel. > > I don't know excately but this authority is implemented long ago. > > So there is no real issue I can see in this report I will close it now. > Please reopen if there seems a need to. > > Regards > Carsten >
Bug#624874: icedove: Some recognized Certificate Authorities missing
Package: icedove Version: 3.1.9-2 Severity: normal Hi, Recently, Icedove stopped recognizing my e-mail provider's certificate. As soon as it tries to connect to the server I see a message saying that "This site attempts to identify itself with invalid information. Unknown Identity Certificate is not trusted, because it hasn't been verified by a recognised authority." I have to click "Confirm Security Exception" for the certificate to be recognised (I never clicked "Permanently confirm this exception" on purpose). You can see the window with the certificate's details on the attached image. What's more, I can see that the CA information for "VeriSign Class 3 Secure Server CA - G3" is in fact missing from Icedove's Certificate Manager, but that same certificate is present on Iceweasel's CM. Other CAs might be missing from Icedove, it would be nice to have the same list of recognised CAs on Icedove as what is present on Iceweasel. Best regards, Luís Picciochi -- System Information: Debian Release: wheezy/sid APT prefers testing APT policy: (500, 'testing') Architecture: i386 (i686) Kernel: Linux 2.6.38-2-686 (SMP w/2 CPU cores) Locale: LANG=en_GB.utf8, LC_CTYPE=en_GB.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages icedove depends on: ii debianutils 3.4.4 Miscellaneous utilities specific t ii fontconfig 2.8.0-2.2 generic font configuration library ii libasound2 1.0.23-3shared library for ALSA applicatio ii libatk1.0-0 2.0.0-1 The ATK accessibility toolkit ii libc62.11.2-11 Embedded GNU C Library: Shared lib ii libcairo21.10.2-6The Cairo 2D vector graphics libra ii libdbus-1-3 1.4.6-1 simple interprocess messaging syst ii libffi5 3.0.9-4 Foreign Function Interface library ii libfontconfig1 2.8.0-2.2 generic font configuration library ii libfreetype6 2.4.4-1 FreeType 2 font engine, shared lib ii libgcc1 1:4.6.0-2 GCC support library ii libgdk-pixbuf2.0 2.23.3-3GDK Pixbuf library ii libglib2.0-0 2.28.6-1The GLib library of C routines ii libgtk2.0-0 2.24.4-3The GTK+ graphical user interface ii libjpeg626b1-1 The Independent JPEG Group's JPEG ii libnspr4-0d 4.8.7-2 NetScape Portable Runtime Library ii libnss3-1d 3.12.9.with.ckbi.1.82-1 Network Security Service libraries ii libpango1.0-01.28.3-6Layout and rendering of internatio ii libpixman-1-00.21.4-2pixel-manipulation library for X a ii libsqlite3-0 3.7.5-1 SQLite 3 shared library ii libstartup-notif 0.10-1 library for program launch feedbac ii libstdc++6 4.6.0-2 The GNU Standard C++ Library v3 ii libx11-6 2:1.4.3-1 X11 client-side library ii libxrender1 1:0.9.6-1 X Rendering Extension client libra ii libxt6 1:1.1.1-1 X11 toolkit intrinsics library ii psmisc 22.13-1 utilities that use the proc file s ii zlib1g 1:1.2.3.4.dfsg-3compression library - runtime Versions of packages icedove recommends: ii myspell-en-gb [myspell-dictio 1:3.3.0-3 English_british dictionary for mys ii myspell-pt-pt [myspell-dictio 20091013-2 European Portuguese dictionary for Versions of packages icedove suggests: ii libdbus-glib-1-2 0.92-1simple interprocess messaging syst ii libgconf2-42.28.1-6 GNOME configuration database syste ii libgnomevfs2-0 1:2.24.4-1GNOME Virtual File System (runtime ii libgssapi-krb5-2 1.9+dfsg-1+b1 MIT Kerberos runtime libraries - k ii libnotify1 [libnotify1-gtk 0.5.0-2 sends desktop notifications to a n pn ttf-lyx(no description available) -- debconf information: icedove/browser: Debian <>
