1 |
In the past, all of the SSL certificates for Gentoo services |
2 |
(forums.g.o, bugs.g.o, etc) were all self-signed. Now that the |
3 |
foundation is in good legal standing again, we are making headway with |
4 |
replacing the certificates with those from CACert, via their |
5 |
Organization assurance program. |
6 |
|
7 |
From the perspective of users, if their browsers trust the CACert Level |
8 |
3 certificate or the Level 1, then the browser should trust the new |
9 |
Gentoo certificates. |
10 |
|
11 |
One of the new certificates is live on forums.gentoo.org as of today, |
12 |
but exposed the need for some further display improvements only (wrong |
13 |
email address) - it still functions perfectly. |
14 |
|
15 |
If your browser doesn't include the CACert roots, see either: |
16 |
http://wiki.cacert.org/wiki/BrowserClients |
17 |
https://www.cacert.org/index.php?id=3 |
18 |
Or make sure you have the latest ca-certificates package (if the browser |
19 |
uses it), and that update-ca-certificates was run properly. |
20 |
|
21 |
-- |
22 |
Robin Hugh Johnson |
23 |
Gentoo Linux Developer & Infra Guy |
24 |
E-Mail : robbat2@g.o |
25 |
GnuPG FP : 11AC BA4F 4778 E3F6 E4ED F38E B27B 944E 3488 4E85 |