touch-packages team mailing list archive

Thread
Date

[Bug 1469797] Re: Connecting to some sites via glib-networking is broken due to removed certificates

To: touch-packages@xxxxxxxxxxxxxxxxxxx
From: Iain Lane <iain@xxxxxxxxxxxxxxxxxxx>
Date: Tue, 30 Jun 2015 10:20:01 -0000
Reply-to: Bug 1469797 <1469797@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

** Changed in: ca-certificates (Ubuntu)
       Status: New => Invalid

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to ca-certificates in Ubuntu.
https://bugs.launchpad.net/bugs/1469797

Title:
  Connecting to some sites via glib-networking is broken due to removed
  certificates

Status in ca-certificates package in Ubuntu:
  Invalid

Bug description:
  See

    https://bugzilla.redhat.com/show_bug.cgi?id=1166614 and
    https://rt.openssl.org/Ticket/Display.html?id=3621&user=guest&pass=guest

  - this situation still exists in the wild (e.g. Facebook's CDN), but
  our ca-certificates package has dropped these certs, as of 20150426.

  For example run the attached script on wily or try to use Facebook in
  epiphany.

  Fedora have kept some of these certificates and called them "legacy" -
  I suggest that we could do the same, at least until glib-networking is
  fixed.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/1469797/+subscriptions

References

[Bug 1469797] [NEW] Connecting to some sites via glib-networking is broken due to removed certificates
From: Iain Lane, 2015-06-29