Re: Wildcard digisign-malaysia certificate - and distrust records in general

On Thu, 2013-01-24 at 23:54 +0100, Jan Lühr wrote: > I noticed that some Root-CA-certificates (like CCNIC, Turktrust) > deleted by me reappeared after the last auto-updated. Is there a reason > for doing so? Personally, I decided, that I don't trust these > certificates and therefore I removed the

Re: Wildcard digisign-malaysia certificate - and distrust records in general

Hello, Am 24.01.2013 um 15:17 schrieb Kai Engert: > On Thu, 2013-01-24 at 10:40 +0100, Jan Lühr wrote: >>> I noticed that my firefox installation included a wildcard >> certificate issued by Entrust.net (attached (*)). I'm not clear how it >> got there but wildcard certs make me suspicious by na

Re: NSS 3.12.5 - Bug 665814 - (CVE-2011-3389) Rizzo/Duong chosen plaintext attack (BEAST) on SSL/TLS 1.0 (facilitated by websockets -76)

On Thu, Jan 24, 2013 at 1:52 AM, Sergey Emantayev wrote: > > For the reference, I'm attaching the back ported fix for the 3.12.5, with no > warranties. [...snipped] > --- nss-3.12.5-orig/mozilla/security/nss/lib/ssl/sslimpl.h Tue Jan 15 > 16:40:47 2013 > +++ nss-3.12.5/mozilla/security/nss/

how to use mozzila root certs

Hello, I need to add/remove certificates in my NSS db from certdata.txt (obtained from http://mxr.mozilla.org/seamonkey/source/security/nss/lib/ckfw/builtins/certdata.txt) I was partially able to parse using the go script (it threw errors at end, however, I can see few bas64 certs in output). I

Wildcard digisign-malaysia certificate - and distrust records in general

On Thu, 2013-01-24 at 10:40 +0100, Jan Lühr wrote: > > I noticed that my firefox installation included a wildcard > certificate issued by Entrust.net (attached (*)). I'm not clear how it > got there but wildcard certs make me suspicious by nature. Can you help > me out? > Apparently it got strippe

Re: NSS 3.12.5 - Bug 665814 - (CVE-2011-3389) Rizzo/Duong chosen plaintext attack (BEAST) on SSL/TLS 1.0 (facilitated by websockets -76)

Thanks Robert for your reply. I will try your solution. For the reference, I'm attaching the back ported fix for the 3.12.5, with no warranties. Regards, Sergey --- nss-3.12.5-orig/mozilla/security/nss/lib/ssl/ssl.h Tue Jan 15 16:40:47 2013 +++ nss-3.12.5/mozilla/security/nss/lib/ssl/ssl.h

Re: [newbie] Wildcard certificate digisin server id

Hello, Am 24.01.2013 um 10:37 schrieb Jan Lühr: > Hello folks, > > I noticed that my firefox installation included a wildcard certificate issued > by Entrust.net (attached (*)). I'm not clear how it got there but wildcard > certs make me suspicious by nature. Can you help me out? > > (*) I ho

[newbie] Wildcard certificate digisin server id

Hello folks, I noticed that my firefox installation included a wildcard certificate issued by Entrust.net (attached (*)). I'm not clear how it got there but wildcard certs make me suspicious by nature. Can you help me out? Thanks in advance, J.Luehr (*) I hope that attachmets of 1.7 KB are or