On 03/16/2013 05:35 PM, Mike Hommey wrote: > Likewise, I'd rather know what we do wrt md5, and while at it, cacert > (the cert of which uses a md5 signature at the moment, so it effectively > doesn't work ; see bug 682470) before uploading, so as to avoid doing > two uploads.
the choice of signature digest for the root CA certificate shouldn't be
relevant -- it should only be relevant for intermediate CA certificates
and end entity certificates. if NSS is requiring certain digest
algorithms on the root CA certs, that's probably a bug.
Mike, can you clarify whether that's the case?
--dkg
signature.asc
Description: OpenPGP digital signature
