To remove fraudulent certificates like this recent one:
https://blog.mozilla.com/security/2011/08/29/fraudulent-google-com-certificate/
a rebuild is required.
See the discussion at lwn.net at:
http://lwn.net/Articles/456798/#Comments

Note the comment about how Internet Explorer doesn't have to be rebuilt and the 
Microsoft Advisory at:
https://www.microsoft.com/technet/security/advisory/2607712.mspx

Maybe better Certificate Revocation List (CRL) support is needed.

I haven't yet submitted a bug upstream as Ubuntu may just want to fork
for better enterprise support.

     Drew Daniels
http://www.boxheap.net/ddaniels/blog

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/543183

Title:
  Updating system certificates requires rebuild

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/firefox/+bug/543183/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to