Package: ca-certificates
Severity: grave
Version: 20080809
Hi,
During a review of signet.pl's CAs in ca-certficiates, I've found several
issues that prompt me to remove them from all the current releases of ca-
certificates.
* signet_ca1_pem.crt
notAfter=Sep 23 13:18:17 2011 GMT [EXPIRED]
NO CRL
NO OCSP
Bits=1024
* signet_ca2_pem.crt
notAfter=Apr 18 12:53:07 2017 GMT
NO OCSP
CRL=http://www.signet.pl/repozytorium/crl/pca2.crl
Last Update: Jan 4 11:39:13 2007 GMT
Next Update: Jan 4 11:44:13 2008 GMT [EXPIRED]
Bits=2048
* signet_ca3_pem.crt
notAfter=Apr 28 10:50:55 2008 GMT [EXPIRED]
NO CRL
NO OCSP
Bits=2048
* signet_ocspklasa2_pem.crt
notAfter=Apr 18 12:53:07 2017 GMT
CRL=http://www.signet.pl/repozytorium/crl/klasa2.crl
Last Update: Jan 4 10:36:58 2007 GMT
Next Update: Jan 5 10:36:58 2007 GMT [EXPIRED]
NO OCSP
Bits=1024
* signet_ocspklasa3_pem.crt
notAfter=Apr 28 10:50:55 2008 GMT [EXPIRED]
CRL=http://www.signet.pl/kwalifikowane/repozytorium/crl/klasa3.crl
Last Update: Jun 30 10:56:24 2006 GMT
Next Update: Jul 1 10:56:24 2006 GMT [EXPIRED]
NO OCSP
Bits=1024
* signet_pca2_pem.crt
notAfter=Sep 21 15:42:19 2026 GMT
CRL=http://www.signet.pl/repozytorium/rootca/rootca.crl
Last Update: Jan 4 12:27:13 2007 GMT
Next Update: Jan 5 12:32:13 2008 GMT [EXPIRED]
NO OCSP
Bits=2048
* signet_pca3_pem.crt
notAfter=Sep 21 15:42:19 2026 GMT
CRL=http://www.signet.pl/repozytorium/rootca/rootca.crl
Last Update: Jan 4 12:27:13 2007 GMT
Next Update: Jan 5 12:32:13 2008 GMT [EXPIRED]
NO OCSP
Bits=2048
* signet_rootca_pem.crt
notAfter=Sep 21 15:42:19 2026 GMT
NO CRL
NO OCSP
Bits=2048
* signet_tsa1_pem.crt
notAfter=Sep 23 11:18:17 2011 GMT [EXPIRED]
CRL=http://www.signet.pl/repozytorium/crl/klasa1.crl
Last Update: Aug 1 09:38:22 2006 GMT
Next Update: Aug 3 09:38:22 2006 GMT [EXPIRED]
NO OCSP
Bits=1024
Additionally, I have found no trace of them after a quick search. signet.pl's
website only contains one root CA, which was never included in Debian.
Unless there's a well-founded argument against its removal, I plan to remove
them from lenny, squeeze, and sid.
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org