As we're hating on Dell for bundling a CA as root, don't forget that @debian adds themselves as a CA as well.
http://anonscm.debian.org/cgit/collab-maint/ca-certificates.git/tree/debian/README.Debian …
-
-
@__agwa The way they modify the NSS package (binary patching at build time), it actually wouldn't; to us, it looks as if part of 'OS store' -
@sleevi_ That's silver lining, but the situation is still absurd. They also trust CAcert and several CAs with lapsed audits. :-( -
@__agwa Yes. Unfortunately,@debian and@debian_security don't treat CA updates as critical security updates like other OS vendors do. -
@__agwa@debian@debian_security As a result, the Linux ecosystem as a whole is held back to a lower security standard (c.f. SHA-1 as well)
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.