ca-certificates 2014.2.1 will remove several still valid CA certificates with weak keys
Michael Catanzaro
mcatanzaro at gnome.org
Mon Sep 1 23:03:18 UTC 2014
On Mon, 2014-08-18 at 23:48 +0200, Kai Engert wrote:
> Hello,
>
> this is a heads-up for an update to the ca-certificates package that
> I've just submitted for updates-testing for Fedora 19 and 20.
>
> The upstream Mozilla CA list maintainers have decided to start removing
> CA certificates that use a weak 1024-bit key. Although those
> certificates are still valid, Mozilla has worked with the CAs, and they
> did agree that it's OK to remove them.
Hey Kai,
This update has caused a lot of pain for Epiphany. Could you take a look
at [1] when you get a chance and help us figure out what's gone wrong?
Thanks!
[1] https://bugzilla.redhat.com/show_bug.cgi?id=1134602#c3
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: This is a digitally signed message part
URL: <http://lists.fedoraproject.org/pipermail/devel/attachments/20140901/a527b47b/attachment.sig>
More information about the devel
mailing list