On 22/01/15 15:39, Michael Shuler wrote: > Control: tags -1 + wontfix > > On 01/21/2015 11:18 AM, Carlos Alberto Lopez Perez wrote: >> - Certificate[3] info: >> - subject `C=US,O=Entrust.net,OU=www.entrust.net/CPS incorp. by ref. >> (limits liab.),OU=(c) 1999 Entrust.net Limited,CN=Entrust.net Secure >> Server Certification Authority', issuer >> `C=US,O=Entrust.net,OU=www.entrust.net/CPS incorp. by ref. (limits >> liab.),OU=(c) 1999 Entrust.net Limited,CN=Entrust.net Secure Server >> Certification Authority', RSA key 1024 bits, signed using RSA-SHA1, >> activated `1999-05-25 16:09:40 UTC', expires `2019-05-25 16:39:40 >> UTC', SHA-1 fingerprint `99a69be61afe886b4d2b82007cb854fc317e1539' >> - Status: The certificate is NOT trusted. The certificate issuer is >> unknown. > > CN=Entrust.net Secure Server Certification Authority' > SHA-1 fingerprint `99a69be61afe886b4d2b82007cb854fc317e1539' > > This CA (as well as all other 1024-bit CAs) was removed from the Mozilla > certificate bundle. You will find this CA removal listed in the > ca-certificates 20140927 release changelog. > > https://bugzilla.mozilla.org/show_bug.cgi?id=936304 > http://anonscm.debian.org/cgit/collab-maint/ca-certificates.git/tree/debian/changelog?id=debian/20140927 > >
So.... Why iceweasel, chromium or wget accept this certificate as valid? Do you have any idea?
signature.asc
Description: OpenPGP digital signature
