Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 25 Nov 2015 18:07:02 +0100
From: Hanno Böck <hanno@...eck.de>
To: oss-security@...ts.openwall.com
Subject: Re: Announcing
 https://github.com/RedHatProductSecurity/Certificates-Shipped/

On Tue, 24 Nov 2015 21:38:35 -0700
Kurt Seifried <kseifried@...hat.com> wrote:

> https://github.com/RedHatProductSecurity/Certificates-Shipped/
> 
> The idea is to create a comprehensive list of shipped certs/keys/etc
> by open source vendors/distributions/projects so that:

That's good, but in this case why limit to open source vendors?

Actually the MS certs are probably the most interesting for
superfish/edell-like scenarios. And I see no reason why they shouldn't
be transparent.

-- 
Hanno Böck
http://hboeck.de/

mail/jabber: hanno@...eck.de
GPG: BBB51E42

Content of type "application/pgp-signature" skipped

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ