CVSROOT: /cvs
Module name: src
Changes by: [email protected] 2015/12/15 13:23:51
Modified files:
lib/libcrypto : cert.pem
Log message:
Remove "C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification
Authority" (serial 3c:91:31:cb:1f:f6:d0:1b:0e:9a:b8:d0:44:bf:12:be) root
certificate from cert.pem. ok rpe@
Symantec/VeriSign say "Browsers/root store operators are encouraged to
remove/untrust this root from their root stores" and "hasn't been used to
generate new certificates in several years, and will now be repurposed to
provide transition support for some of our enterprise customers' legacy,
non-public applications" (https://www.symantec.com/page.jsp?id=roots,
http://www.scmagazine.com/google-will-remove-trust-of-symantecs-pca3-g1-certificate/article/459688/).
Also see
https://knowledge.symantec.com/support/ssl-certificates-support/index?page=content&id=ALERT1941
https://googleonlinesecurity.blogspot.co.uk/2015/12/proactive-measures-in-digital.html
