On Fri, 2014-11-21 at 17:17 +0100, Kai Engert wrote:
> https://admin.fedoraproject.org/updates/ca-certificates-2014.2.1-1.5.fc19
> https://admin.fedoraproject.org/updates/ca-certificates-2014.2.1-1.5.fc20
I'd appreciate more testing feedback.
I'd like to push these packages into the stable update
On Fri, 2014-11-21 at 10:45 -0500, Stephen Gallagher wrote:
> Kai, this is very important information buried at the bottom of a long
> email thread; would you mind re-sending this summary in a new thread
> (also to devel-announce) so that people are sure to see it?
done
--
devel mailing list
de
Resending this as a new thread, for increased visibility.
As explained in the older thread, the Mozilla project has started to
remove CA certificates that contain weak keys. Those removals cause
issues with software based on OpenSSL, and software based on older
versions of GnuTLS.
(A short descri
On Fri, 2014-11-21 at 14:03 +0100, Kai Engert wrote:
> On Fri, 2014-10-31 at 14:05 +0100, Kai Engert wrote:
> > All legacy root CA certificates, which seem to be required for full
> > compatibility with either OpenSSL or GnuTLS, will continue to be
> > included and enabled in the ca-certificates
FYI, I'm documenting the changes that we make on top of the Mozilla CA
list at:
https://fedoraproject.org/wiki/CA-Certificates
Kai
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-
On Fri, 2014-10-31 at 14:05 +0100, Kai Engert wrote:
> All legacy root CA certificates, which seem to be required for full
> compatibility with either OpenSSL or GnuTLS, will continue to be
> included and enabled in the ca-certificates package.
>
> For users who are willing to accept the breakage
