My @firefox has just rejected a cert, because its root CA cert was signed using MD5. Do they expect collision attacks on self-signed certs?
@mtrojnar @ivanristic @firefox Firefox doesn't care about the signature of a root cert. It is likely a misunderstanding.
-
-
@BRIAN_____@ivanristic@firefox Firefox 42.0 on Ubuntu error: sec_error_cert_signature_algorithm_disabled page: https://www.replicant.us/ -
@mtrojnar@BRIAN_____@ivanristic@firefox the cacert root cert is included in the chain but not in trust store. http://wiki.cacert.org/InclusionStatus -
@ikoz@BRIAN_____@ivanristic@firefox Reporting a disabled signature *algorithm* is a strange way to indicate untrusted root CA.
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.