Package: ca-certificates
Version: 20130906
Followup-For: Bug #683403
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu trusty ubuntu-patch
*** /tmp/tmpG_KsCC/bug_body
Openssl doesn't appear to correctly handle not having both versions
of the same signed roots. I have decided that we
OK, I am now convinced that we don't need the md2 certs, applications
should be able to validate using the sha1 certs. I believe a bug in
libsoup/glib-networking is causing the sha1 certs to not be used.
We still should improve ca-certificates to make _sure_ that we're
shipping the sha1 certs
On 08/01/2012 09:37 AM, Marc Deslauriers wrote:
OK, I am now convinced that we don't need the md2 certs, applications
should be able to validate using the sha1 certs. I believe a bug in
libsoup/glib-networking is causing the sha1 certs to not be used.
Thanks for the clarification.
We still
Package: ca-certificates
Version: 20111211
Severity: normal
Verisign shipped G1 PCA Roots with md2 signatures on them. At some point,
they resigned those roots using SHA1, but requested that the original certs
keep shipping in Mozilla's cert list as they had issued intermediates with
AKIs that
4 matches
Mail list logo