SCIENTIFIC-LINUX-USERS Archives

September 2011

SCIENTIFIC-LINUX-USERS@LISTSERV.FNAL.GOV
Options: Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
Re: {OT} Saga with certificates continues : "Hackers steal SSL certificates for CIA, MI6, Mossad"
From:
Frank Lanitz <[log in to unmask]>
Reply To:
Frank Lanitz <[log in to unmask]>
Date:
Tue, 6 Sep 2011 14:19:40 +0200
Content-Type:
text/plain
Parts/Attachments:
text/plain (30 lines) 
Am 06.09.2011 06:38, schrieb Franchisseur Robert:
> -- Le (On) 2011-09-06 +0200 à (at) 00:53:39 Andreas Petzold écrivit (wrote): --
> 
>> On Tuesday, September 06, 2011 00:26:22 Valerii D. wrote:
>>> <snip> 
>>>
>>> Yes. And the distribution is still the browser 3. 6. 2 without security
>>> updates. And with a certificate from DigiNotar.
>>
>> TUV released the errata a week ago, so we can expect to see patched rpms from 
>> SL soon. In the meantime you can just delete the Diginotar CA from FF.
>>
> 
>        You can't ! It seems it was deleted but if you re-open :
> 
>        Edit --> Preferences --> Advanced --> Encryption --> View certificats --> Authorities
> 
>        it is still there !
> 
> 

Don't delete them, just mark them as not trustworthy. This will help.


Cheers,
Frank

P.S. Aren't the certifactes distributes within the ca-package which have
at least been updated for 6.x?

ATOM RSS1 RSS2