debian CA not shipped in firefox
Bug #1042040 reported by
Paul Childs
This bug affects 3 people
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
firefox (Ubuntu) |
Invalid
|
Undecided
|
Unassigned |
Bug Description
From question: https:/
Various secure websites signed by ca.debian.org are listed in Firefox as having invalid security certificates. E.g. https:/
One shouldn't have to compromise security on creating exceptions to access secure debian websites. There is a large amount of contribution between Ubuntu and debian devs and having stumbling blocks like this in the way can only hurt the working relationship.
affects: | ca-certificates (Ubuntu) → firefox (Ubuntu) |
summary: |
- Ubuntu doesn't trust debian + debian CA not shipped in firefox |
To post a comment you must log in.
AFAIK that's not true for ca-certificates, it does include the Debian CA. The problem is Firefox, which does not use the database found in ca-certificates at all. And Ubuntu is not allowed thanks to trademark rules to change the certificate database of NSS (c.f. iceweasel vs. firefox in Debian).