> but more importantly, there is no HPKP configured That wouldn't make sense. It requires a local client cache. Most cloud images are booting for the first time, so have no such capability. I suppose it could be added to pollinate for the benefit of users who often reboot their VMs without starting fresh *and* use a custom entropy service. But that seems like a pretty unusual configuration to me and doesn't affect the default case.
So I think "...has certificate chain issues" is incorrect, and it is just PFS that needs looking into? -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1634346 Title: https://entropy.ubuntu.com lacks Perfect Forward Secrecy (PFS) and has certificate chain issues To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/pollen/+bug/1634346/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
