What's the latest status on this?
Thanks,
Jacob
Hi, sending you a gentle ping on this. Would love to get this fix
landed. Thanks!
Hi, just checking in on the status of this. I provided a patch above;
does it look good to you?
Hi! Any updates on this? Thanks!
Great! Here's my proposed patch. It winds up being pretty small, just
removing the lines from certdata2pem.py that pull in email certificates.
Thanks,
Jacob
>From 68bc5e229a474fc2815dea530cc246e3d3b55008 Mon Sep 17 00:00:00 2001
From: Jacob Hoffman-Andrews <git...@hoffman-andrews.com>
What are the next steps for the package to get released? Is there
anything we can help with? Thanks!
Sorry, meant to address my previous message to Michael. :-)
I've done a little digging, and according to the first-level results from:
apt-rdepends --reverse --show=Depends,Recommends,Suggests ca-certificates
The only MUAs that depend, recommend, or suggest ca-certificates are
mutt and
Hi Marc,
I work on EFF's Encrypt the Web project and the Let's Encrypt
certificate authority. I'd like to lend support to what Andrew's saying:
It's both urgent and important to remove the email roots from the
default set of certificates trusted on Debian.
I think Andrew's proposal is good;
Also, how many files and directories do you have under
/etc/letsencrypt/archive?
find /etc/letsencrypt/archive | wc -l
ls /etc/letsencrypt/archive | wc -l
There is a known issue with Certbot performing poorly when many old
certificates are present.
What is the command that is running when certbot consumes a lot of memory?
Can you provide the contents of /etc/cron.d/certbot, and
/var/log/letsencrypt.log from a run where certbot consumed a lot of memory?
If you're using the Nginx or Apache configurators, can you provide your
Nginx or Apache
Package: postfix
Version: 2.9.6-2
Severity: normal
Dear Maintainer,
The default config for a newly installed Postfix supports inbound
STARTTLS, but it does not support outbound STARTTLS, even if the remote
host advertises support. I think the default Postfix config in Debian
should have this
11 matches
Mail list logo
