Bug#514807: Regression in libgnutls security update

Florian Weimer fw at deneb.enyo.de
Sat Feb 14 21:19:00 UTC 2009

* Simon Josefsson:

> What are the possible channels to communicate to etch users that they
> will get (intentional) errors from gnutls if they have 1) a V1
> certificate in their certificate chains, or 2) have an RSA-MD2/MD5
> signature in non-trusted certificates in their chain?  Perhaps a wiki
> page will help to explain the issue better than this bug report e-mail
> thread can do.

There doesn't seem to be industry consensus that X.509v1 root
certificates are a bad idea.  This means that users have little
leverage against CAs and server operators when confronted with
problematic certificates.

Furthermore, arguments based on the age of those certificates and the
resulting deficiencies are not that convincing because most root
certificates share one or more of those flaws.  The whole system is a
mess and has little to do with security (whatever it is).  The lack of
accountability and transparency (who owns which root certificates?)
and the disregard for cryptographic best practices (on key sizes and
rollovers) are quite stunning.

More information about the Pkg-gnutls-maint mailing list