severity 576739 wishlist tags 576739 -security thanks Hi Dererk,
On Tue, April 6, 2010 22:23, Dererk wrote: > Package: ca-certificates > Version: 20090814 > Severity: critical > Tags: security > X-Debbugs-CC: secure-testing-t...@lists.alioth.debian.org > > Hello. > > Please remove "RSA Security 1024 V3" root certificate ASAP from > ca-certificates package. > > https://bugzilla.mozilla.org/show_bug.cgi?id=549701 In that bug log, Kathleen Wilson states in https://bugzilla.mozilla.org/show_bug.cgi?id=549701#c8: | RSA has confirmed that they are in possession of the private key for the | "RSA Security 1024 V3" root certificate. RSA agrees that this root should | be removed from NSS. There doesn't seem to be a compromise situation that would warant critical severity and the security tag. I'm downgrading this to a wish to remove an obsolete certificate and leaving that to the ca-certificates maintainers to follow up on. cheers, Thijs -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
