[Savannah-help-public] [sr #106651] Savannah should use CAcert.org-signed SSL certificates

Sylvain Beucler Sat, 28 Feb 2009 15:14:51 -0800

Follow-up Comment #7, sr #106651 (project administration):

Nick: we don't use MD5 since 2008 as far as I remember - and neither do
CAcert.org:
$ gnutls-cli --print-cert savannah.gnu.org </dev/null >sv.pem
$ certtool -i < sv.pem | grep 'Signature Algo'
        Signature Algorithm: RSA-SHA



An MD5 cert would produce a warnings in GnuTLS:
        Signature Algorithm: RSA-MD5
warning: signed using a broken signature algorithm that can be forged.


    _______________________________________________________

Reply to this item at:

  <http://savannah.gnu.org/support/?106651>

_______________________________________________
  Message sent via/by Savannah
  http://savannah.gnu.org/

[Savannah-help-public] [sr #106651] Savannah should use CAcert.org-signed SSL certificates

Reply via email to