retitle 619746 gnutls-bin: [certtool] please create CSR outputs with stricter
permission
tags 619746 + upstream
thanks
Hi Nikos!
On Wed, 30 Mar 2011 14:20:04 +0200, Nikos Mavrogiannopoulos wrote:
> On Wed, Mar 30, 2011 at 2:01 PM, Luca Capello wrote:
>
>>> I don't quite understand what is the
On Wed, Mar 30, 2011 at 2:01 PM, Luca Capello wrote:
>> I don't quite understand what is the issue here. What is the
>> information contained in the CRQ that you consider "useless"?
> As I wrote, the "new" CSR (BTW, what does CRQ mean?) contains data other
> than the request itself, e.g. the pas
Hi Nikos!
On Sun, 27 Mar 2011 09:38:13 +0200, Nikos Mavrogiannopoulos wrote:
> On 03/26/2011 06:57 PM, Luca Capello wrote:
>> I was creating a Certificate Signing Request with certtool and then I
>> discovered that the output file contains more than the CSR, even worse
>> it contains the password
On 03/26/2011 06:57 PM, Luca Capello wrote:
> Package: gnutls-bin
> Version: 2.10.5-1
> Severity: important
>
> Hi there!
>
> I was creating a Certificate Signing Request with certtool and then I
> discovered that the output file contains more than the CSR, even worse
> it contains the password a
Hi there!
On Sat, 26 Mar 2011 18:57:26 +0100, Luca Capello wrote:
> Indeed, the output certtool now displays when creating a CSR seems to me
> a template, albeit it includes the CSR at the end.
>
> This is a big regression WRT to security and I do not share Simon's view
> about putting password on
Package: gnutls-bin
Version: 2.10.5-1
Severity: important
Hi there!
I was creating a Certificate Signing Request with certtool and then I
discovered that the output file contains more than the CSR, even worse
it contains the password asked during the creation.
I could not find any reason for tha
6 matches
Mail list logo
