[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: 'mozilla-rootcerts' erroneously flags certs "untrusted" (was: Re: certdata-20140820.txt missing certs?)
There is a discrepancy in the structure of the "certdata.txt" file.
The ninth data block is a "cert_trust" section without a preceeding
"cert_data" section. That "cert_trust" section refers to a certificate
that is considered untrusted but not present in the "certdata.txt" file.
As such, the way the "mozilla-rootcerts" script determines when to stop
examining "cert_trust" values (a line containing only a "#" comment,
regexp /^#$/ such as found in the header for a "cert_data" section)
instead continues examining the spurious "cert_trust" section and marks
the preceeding otherwise-valid cert ("mozilla-rootcert-3.pem" in this
case) as "untrusted" and removes it.
|/"\ John D. Baker, KN5UKS NetBSD Darwin/MacOS X
|\ / jdbaker[snail]mylinuxisp[flyspeck]com OpenBSD FreeBSD
| X No HTML/proprietary data in email. BSD just sits there and works!
|/ \ GPGkeyID: D703 4A7E 479F 63F8 D3F4 BD99 9572 8F23 E4AD 1645
Main Index |
Thread Index |