desktop-packages team mailing list archive

[Gervase Markham <gerv@xxxxxxxxxxx>]

Mozilla believes that the exemption for certificates under Staat der
Nederlanden roots is justified, and it is in line with what other
browsers are doing (which used different technical measures which made
an exception unnecessary). We will be posting on the security blog soon
with a fuller explanation of this. The comment in the source code is not
the full story.

Gerv

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to firefox in Ubuntu.
https://bugs.launchpad.net/bugs/838322

Title:
  Remove the exemptions for the Staat der Nederlanden root

Status in The Mozilla Firefox Browser:
  Fix Released
Status in “firefox” package in Ubuntu:
  Triaged
Status in “xulrunner-1.9.2” package in Ubuntu:
  Invalid
Status in “firefox” source package in Lucid:
  In Progress
Status in “xulrunner-1.9.2” source package in Lucid:
  In Progress
Status in “firefox” source package in Maverick:
  In Progress
Status in “xulrunner-1.9.2” source package in Maverick:
  In Progress
Status in “firefox” source package in Natty:
  In Progress
Status in “xulrunner-1.9.2” source package in Natty:
  Invalid
Status in “firefox” source package in Oneiric:
  Triaged
Status in “xulrunner-1.9.2” source package in Oneiric:
  Invalid

Bug description:
  Here's an updated blog post on the DigiNotar issue:
  http://blog.mozilla.com/security/2011/09/02/diginotar-removal-follow-up/

  The Staat der Nederlanden roots have been removed as well now and we
  in Ubuntu will follow suit.

To manage notifications about this bug go to:
https://bugs.launchpad.net/firefox/+bug/838322/+subscriptions