On Thu, Sep 01, 2011 at 11:37:41PM -0500, Raphael Geissert wrote: > On Thursday 01 September 2011 17:47:57 Mike Hommey wrote: > > On Thu, Sep 01, 2011 at 02:06:39PM -0500, Raphael Geissert wrote: > > > Unless other certificates were signed with another CA, at least the > > > *.google.com one should fail now. The chain of the the public > > > *.google.com cert is: > > > > > > Issuer: C=NL, O=DigiNotar, CN=DigiNotar Root CA > > > Subject: C=NL, O=DigiNotar, CN=DigiNotar Public CA 2025 > > > > > > Issuer: C=NL, O=DigiNotar, CN=DigiNotar Public CA 2025 > > > Subject: C=US, O=Google Inc, L=Mountain View/serialNumber=PK000229200002, > > > CN=*.google.com > > > > AIUI, the DigiNotar Public CA 2025 is cross signed by Entrust. > > Do you have a copy of that one?
http://www.diginotar.nl/LinkClick.aspx?fileticket=lSCwDq6q038%3d&tabid=308 It looks like it's not cross-signed. Mike -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
