[Touch-packages] [Bug 1258286] Re: CAcert should not be trusted by default

Thu, 04 Dec 2014 23:20:07 -0800 

saucy has seen the end of its life and is no longer receiving any
updates. Marking the saucy task for this ticket as "Won't Fix".

** Changed in: ca-certificates-java (Ubuntu Saucy)
       Status: New => Won't Fix

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to nss in Ubuntu.
https://bugs.launchpad.net/bugs/1258286

Title:
  CAcert should not be trusted by default

Status in ca-certificates package in Ubuntu:
  Fix Released
Status in ca-certificates-java package in Ubuntu:
  Fix Released
Status in nss package in Ubuntu:
  Fix Released
Status in ca-certificates source package in Lucid:
  Fix Released
Status in ca-certificates-java source package in Lucid:
  Invalid
Status in nss source package in Lucid:
  Invalid
Status in ca-certificates source package in Precise:
  Fix Released
Status in ca-certificates-java source package in Precise:
  Invalid
Status in nss source package in Precise:
  Fix Released
Status in ca-certificates source package in Quantal:
  Fix Released
Status in ca-certificates-java source package in Quantal:
  Won't Fix
Status in nss source package in Quantal:
  Fix Released
Status in ca-certificates source package in Saucy:
  Fix Released
Status in ca-certificates-java source package in Saucy:
  Won't Fix
Status in nss source package in Saucy:
  Fix Released
Status in ca-certificates source package in Trusty:
  Fix Released
Status in ca-certificates-java source package in Trusty:
  Fix Released
Status in nss source package in Trusty:
  Fix Released
Status in ca-certificates package in Debian:
  Fix Released
Status in ca-certificates-java package in Debian:
  Fix Released

Bug description:
  Ubuntu is one of the few distributions shipping CAcert as a trusted
  certificate. Many distributions are considering[1] whether to remove
  CAcert, and Mozilla closed the RFE[2] for CAcert in 2008, which was
  opened in 2003.

  Concerns were expressed about CAcert's code quality[3], and their
  audit appears to be stalled.

  In the past, it appears that Ubuntu disabled[4] CAcert, but this is no
  longer the case. It may be wise to do so again.

  [1]:http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=718434#50
  [2]: https://bugzilla.mozilla.org/show_bug.cgi?id=215243
  [3]: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=718434#45
  [4]: http://wiki.cacert.org/InclusionStatus?highlight=Ubuntu

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/1258286/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to     : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

Reply via email to