Thanks Steve. Regards,
// Ola On Sun, Feb 11, 2007 at 12:19:30AM -0800, Steve Langasek wrote: > severity 410498 normal > thanks > > On Sun, Feb 11, 2007 at 02:22:09AM -0500, Yaroslav Halchenko wrote: > > Since I suspect that the cause is in SSL error mentioned below, and > > since shipped certificate is the one used on all the systems and no > > directions are given that it has to be replaced for ntop to > > function properly, I raised severity to grave. > > No, this is not grave. You shouldn't be depending on a package-provided > private key for any SSL operations anyway, because it provides no real > security when anyone else with a copy of the package can decrypt your web > traffic. > > So by all rights, the fact that this certificate is broken should be > considered a feature, not a bug. > > -- > Steve Langasek Give me a lever long enough and a Free OS > Debian Developer to set it on, and I can move the world. > [EMAIL PROTECTED] http://www.debian.org/ > > -- --------------------- Ola Lundqvist --------------------------- / [EMAIL PROTECTED] Annebergsslingan 37 \ | [EMAIL PROTECTED] 654 65 KARLSTAD | | +46 (0)54-10 14 30 +46 (0)70-332 1551 | | http://opalsys.net/ UIN/icq: 4912500 | \ gpg/f.p.: 7090 A92B 18FE 7994 0C36 4FE4 18A1 B1CF 0FE5 3DD9 / --------------------------------------------------------------- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
