desktop-packages team mailing list archive

Thread
Date

[Bug 838322] Re: DigiNotar patch erroneously blocks one of the two Staat der Nederlanden roots

To: desktop-packages@xxxxxxxxxxxxxxxxxxx
From: Glen Turner <838322@xxxxxxxxxxxxxxxxxx>
Date: Mon, 05 Sep 2011 05:13:12 -0000
Reply-to: Bug 838322 <838322@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

http://blog.mozilla.com/security/2011/09/02/diginotar-removal-follow-up/
says
"DigiNotar issues certificates as part of the Dutch government’s PKIoverheid (PKIgovernment) program. These certificates are issued from a different DigiNotar-controlled intermediate, and chain up to the Dutch government CA (Staat der Nederlanden). The Dutch government’s Computer Emergency Response Team (GovCERT) indicated that these certificates are issued independently of DigiNotar’s other processes and that, in their assessment, these had not been compromised. The Dutch government therefore requested that we exempt these certificates from the removal of trust, which we agreed to do in our initial security update early this week.

The Dutch government has since audited DigiNotar’s performance and
rescinded this assessment. We are now removing the exemption for these
certificates, meaning that all DigiNotar certificates will be untrusted
by Mozilla products."

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to firefox in Ubuntu.
https://bugs.launchpad.net/bugs/838322

Title:
  DigiNotar patch erroneously blocks one of the two Staat der
  Nederlanden roots

Status in The Mozilla Firefox Browser:
  Fix Released
Status in “firefox” package in Ubuntu:
  Triaged
Status in “xulrunner-1.9.2” package in Ubuntu:
  Invalid
Status in “firefox” source package in Lucid:
  In Progress
Status in “xulrunner-1.9.2” source package in Lucid:
  In Progress
Status in “firefox” source package in Maverick:
  In Progress
Status in “xulrunner-1.9.2” source package in Maverick:
  In Progress
Status in “firefox” source package in Natty:
  In Progress
Status in “xulrunner-1.9.2” source package in Natty:
  Invalid
Status in “firefox” source package in Oneiric:
  Triaged
Status in “xulrunner-1.9.2” source package in Oneiric:
  Invalid

Bug description:
  The fix for bug #837557 unfortunately had a small regression for users
  of Staat der Nederlanden sites.  One of their two root CAs was
  blocked.  An update is being prepared to fix the issue.

To manage notifications about this bug go to:
https://bugs.launchpad.net/firefox/+bug/838322/+subscriptions

References

[Bug 838322] [NEW] DigiNotar patch erroneously blocks one of the two Staat der Nederlanden roots
From: Micah Gersten, 2011-08-31