Bug#514578: libgnutls26: similar gnutls26 problem with mutt+msmtp after recent update
Chess Griffin
chess at chessgriffin.com
Tue Feb 10 23:13:25 UTC 2009
* Daniel Kahn Gillmor <dkg at fifthhorseman.net> [2009-02-10 18:04:44]:
> RapidSSL has been willing to freely re-issue all of its older MD5
> certificates using SHA1 from what i've seen. I suggest that you contact
> your system administrators and advise them that they are using a
> certificate that requires trust in a known-weak digest algorithm to
> verify. Since it was issued by RapidSSL, you may wish to point them to
> their FAQ on the subject:
>
> https://knowledge.rapidssl.com/support/ssl-certificate-support/index?page=content&id=AD125
>
> We hope to ship lenny with MD5 fully deprecated in GnuTLS so that
> GnuTLS-reliant apps are not subject to forged intermediate certificate
> authorities or other attacks based on a weak digest algorithm.
>
> Thanks for reporting this,
>
> --dkg
>
Daniel,
Thank you very much for the helpful information. I have passed this along
to Tuffmail along with a link to this bug report so hopefully they will
update their certs soon. Sorry posting noise about what ultimately is
not a bug. :-)
Regards,
Chess
--
Chess Griffin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: Digital signature
Url : http://lists.alioth.debian.org/pipermail/pkg-gnutls-maint/attachments/20090210/df2697ef/attachment.pgp
More information about the Pkg-gnutls-maint
mailing list