oss-sec mailing list archives

Re: Announcing https://github.com/RedHatProductSecurity/Certificates-Shipped/

From: Hanno Böck <hanno () hboeck de>
Date: Wed, 25 Nov 2015 18:07:02 +0100

On Tue, 24 Nov 2015 21:38:35 -0700
Kurt Seifried <kseifried () redhat com> wrote:

https://github.com/RedHatProductSecurity/Certificates-Shipped/

The idea is to create a comprehensive list of shipped certs/keys/etc
by open source vendors/distributions/projects so that:


That's good, but in this case why limit to open source vendors?

Actually the MS certs are probably the most interesting for
superfish/edell-like scenarios. And I see no reason why they shouldn't
be transparent.

-- 
Hanno Böck
http://hboeck.de/

mail/jabber: hanno () hboeck de
GPG: BBB51E42

Attachment: _bin
Description: OpenPGP digital signature

Current thread:

Announcing https://github.com/RedHatProductSecurity/Certificates-Shipped/ Kurt Seifried (Nov 24)
- Re: Announcing https://github.com/RedHatProductSecurity/Certificates-Shipped/ Reed Loden (Nov 25)
  - Re: Announcing https://github.com/RedHatProductSecurity/Certificates-Shipped/ Kurt Seifried (Nov 25)
- Re: Announcing https://github.com/RedHatProductSecurity/Certificates-Shipped/ Hanno Böck (Nov 25)
  - Re: Announcing https://github.com/RedHatProductSecurity/Certificates-Shipped/ Kurt Seifried (Nov 25)
    - Re: Announcing https://github.com/RedHatProductSecurity/Certificates-Shipped/ Gsunde Orangen (Nov 25)
    - Re: Announcing https://github.com/RedHatProductSecurity/Certificates-Shipped/ Kurt Seifried (Nov 25)
    - Re: Announcing https://github.com/RedHatProductSecurity/Certificates-Shipped/ Josh Matthews (Nov 30)
    - Re: Announcing https://github.com/RedHatProductSecurity/Certificates-Shipped/ Kurt Seifried (Nov 30)
    - Re: Announcing https://github.com/RedHatProductSecurity/Certificates-Shipped/ Daniel Micay (Nov 30)
    - Re: Announcing https://github.com/RedHatProductSecurity/Certificates-Shipped/ Gsunde Orangen (Nov 26)