In article <0901011447100.8...@somehost> you wrote: > Signature Algorithm: md5WithRSAEncryption > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> should be distributed at all. Yes, because it is the self signature, but since we distribute the CA certificate it is not checked but trusted. The question is if this CA signes its issued certificates in a safe way or not. Gruss Bernd -- To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org