nmh-workers
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Nmh-workers] TLS certificate validation

From: Jeffrey Honig
Subject: Re: [Nmh-workers] TLS certificate validation
Date: Sun, 25 Sep 2016 10:59:26 -0400

On Sun, Sep 25, 2016 at 10:31 AM, Ralph Corderoy <address@hidden> wrote:
It's not quite that bad.  Debian stable is Jessie, and it has
ca-certificates 20141019+deb8u1 which you'd think was 2014, but
http://metadata.ftp-master.debian.org/changelogs//main/c/ca-certificates/ca-certificates_20141019+deb8u1_changelog
shows an update on 2015-12-14 to kick out some of the untrustworthy
authorities under
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=806239

I'd hope Debian ARM has that.

Ralph, 

I sit corrected.  I should not have researched that before drinking my coffee.

I also see another pending update from 2016-08-16 to deb8u2 that has not yet been pushed.


What would be good to find is a script that can do an audit of a system's ca-certificates and list any that have been revoked or have expired and run this on our build servers.  A quick google doesn't turn up one for Linux.

reply via email to
[Prev in Thread] Current Thread [Next in Thread]