[Pidgin] #15850: The Pidgin certificate store needs some work

Pidgin trac at pidgin.im
Fri Jan 10 19:10:09 EST 2014


#15850: The Pidgin certificate store needs some work
--------------------+----------------------------------
 Reporter:  xnyhps  |      Owner:
     Type:  defect  |     Status:  new
Milestone:          |  Component:  libpurple
  Version:  2.10.7  |   Keywords:  tls ssl certificates
--------------------+----------------------------------
 * `StartCom_Free_SSL_CA.pem` is no longer used by StartCom and should be
 removed. Mozilla removed it:
 [https://bugzilla.mozilla.org/show_bug.cgi?id=534274#c17 #5 here].

 These 3 were fixed for 3.0 in
 [https://hg.pidgin.im/pidgin/main/rev/eabd1c116303 eabd1c116303], but they
 are still present on 2.x.y:
 * `Microsoft_Internet_Authority.pem` was valid until Feb 19 18:24:53 2011
 GMT.
 * `Microsoft_Secure_Server_Authority.pem` was valid until Feb 19 18:24:53
 2011 GMT.
 * `Verisign_RSA_Secure_Server_CA.pem` was valid until Jan  7 23:59:59 2010
 GMT.

 * `CAcert_Class3.pem` has a new version available from
 http://www.cacert.org/index.php?id=3. The public key is the same, but it
 switched to sha256WithRSAEncryption for the signature.

 Of note for later:

 * `Microsoft_Secure_Server_Authority_2010.pem` expires in May. I ''think''
 it is no longer in use right now, but it's probably better to play it safe
 and wait until May for removing it.

-- 
Ticket URL: <https://developer.pidgin.im/ticket/15850>
Pidgin <https://pidgin.im>
Pidgin


More information about the Tracker mailing list