I think it would be irresponsible to provide MD2-signed certificates. The discussion is dated 2009. I think ca-certificates should provide neither MD2 nor MD5 root certificates. And MD2 verification should be unsupported in the crypto lib anyway (see CVE-2009-2409).
I think it would be irresponsible to provide MD2-signed certificates. The discussion is dated 2009. I think ca-certificates should provide neither MD2 nor MD5 root certificates. And MD2 verification should be unsupported in the crypto lib anyway (see CVE-2009-2409).