| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
| |
These entries are no longer present in certdata.txt.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The following certificate authorities were added (+):
+ "certSIGN ROOT CA G2"
+ "e-Szigno Root CA 2017"
+ "Microsoft ECC Root Certificate Authority 2017"
+ "Microsoft RSA Root Certificate Authority 2017"
+ "NAVER Global Root Certification Authority"
+ "Trustwave Global Certification Authority"
+ "Trustwave Global ECC P256 Certification Authority"
+ "Trustwave Global ECC P384 Certification Authority"
The following certificate authorities were removed (-):
- "EE Certification Centre Root CA"
- "GeoTrust Universal CA 2"
- "LuxTrust Global Root 2"
- "OISTE WISeKey Global Root GA CA"
- "Staat der Nederlanden Root CA - G2"
- "Taiwan GRCA"
- "Verisign Class 3 Public Primary Certification Authority - G3"
|
|
|
|
| |
This reverts commit 1efe81a680eedb94111716c8825290a0cde509af.
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
| |
- remove certificates no longer in certdata.txt
- explicitly ignore distrusted certificates to prevent build errors
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
These roots are trusted in the Mozilla program only for S/MIME, so should not be
included in ca-certificates, which most applications use to validate TLS
certificates.
Per https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=721976, the only MUAs that
depend on or suggest ca-certificates are Mutt and Sylpheed. Sylpheed doesn't use
ca-certificates for S/MIME. Mutt does, but I think it is still safe to remove
thes because:
(a) S/MIME is relatively uncommon, and
(b) The CAs that have both TLS and S/MIME bits will continue to work, and
(c) Nearly all of the 12 removed email-only CAs have ceased operation of their
email certificate services
Verisign Class 1 Public Primary Certification Authority - G3
Verisign Class 2 Public Primary Certification Authority - G3
UTN USERFirst Email Root CA
SwissSign Platinum CA - G2
AC Raiz Certicamara S.A.
TC TrustCenter Class 3 CA II
ComSign CA
S-TRUST Universal Root CA
Symantec Class 1 Public Primary Certification Authority - G6
Symantec Class 2 Public Primary Certification Authority - G6
Symantec Class 1 Public Primary Certification Authority - G4
Symantec Class 2 Public Primary Certification Authority - G4
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
| |
Thanks to Andrew Wilcox and Richard Ipsum for the patch! Closes: #789753
|
|
|
|
|
|
|
| |
This reverts commit a2fa9a13815894500e1e2d9ca3d52bfdd4f75b5a.
Conflicts:
debian/changelog
|
|
|
|
| |
Thanks to Andrew Wilcox for the patch! Closes: #789753
|
| |
|
| |
|
| |
|
|
|
|
| |
They take them out, put them back, take them out again, put them back..
|
| |
|
|
|
|
|
| |
This update only removes an untrusted cert for "Bogus kuix.de", which was
used for testing by mozilla.
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
| |
Certificates added (+) and removed (-):
+ "SG TRUST SERVICES RACINE"
+ "ACCVRAIZ1"
+ "TWCA Global Root CA"
- "Wells Fargo Root CA"
|
| |
|
|
|
|
|
|
|
| |
- Include mozilla/nssckbi.h which contains the version number, since
it is no longer contained within certdata.txt
- Include mozilla/README.source to document certdata.txt / nssckbi.h
locations upstream
|
| |
|
|
|
|
| |
- removes CA: "TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı"
|
|
|
|
|
|
|
| |
At this point it's unsure if this drastic measure is warranted.
The major browsers are not revoking the TÜRKTRUST roots.
This reverts commit 96c279e8e121c332a0f00b0cbae00a3fa814e46b.
|
| |
|
|
|
|
|
|
|
| |
Certificates added (+) (none removed):
+ "TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı"
+ "T-TeleSec GlobalRoot Class 3"
+ "EE Certification Centre Root CA"
|
|
|
|
|
|
|
|
|
|
| |
Certificates added (+) (none removed):
+ "Actalis Authentication Root CA"
+ "Trustis FPS Root CA"
+ "StartCom Certification Authority"
+ "StartCom Certification Authority G2"
+ "Buypass Class 2 Root CA"
+ "Buypass Class 3 Root CA"
|
|
|
|
|
|
| |
Mozilla Public License updated to v2.0
(No certificates added/removed.)
Update debian/copyright to reflect MPL v2.0
|
|
|
|
| |
No certificates added/removed.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Certificates added (+) and removed (-):
+ "Security Communication RootCA2"
+ "EC-ACC"
+ "Hellenic Academic and Research Institutions RootCA 2011"
- "Verisign Class 2 Public Primary Certification Authority"
- "Verisign Class 4 Public Primary Certification Authority - G2"
- "TC TrustCenter, Germany, Class 2 CA"
- "TC TrustCenter, Germany, Class 3 CA"
|
| |
|
| |
|