Re: gnome-keyring DigiCert SSL Certificates in GNOME



Hello,

Thank you for your helpful response.  I am pleased with your bringing this to the attention of the gnome-keyring mailing list.  If there are any recipients that have any questions or suggestions regarding the new DigiCert Root Certificates, please don't hesitate to contact me:

Christopher Skarda
1-801-701-9675 (Office)


Best Regards,

Chris
DigiCert Vice President of Operations




Email: 
Chris DigiCert com
Direct: 
1-801-877-2111 
Fax: 
1-801-705-0481 


The information contained in this transmission may contain privileged and confidential information. It is intended only for the use of the person(s) named above. If you are not the intended recipient, you are hereby notified that any review, dissemination, distribution or duplication of this communication is strictly prohibited. If you are not the intended recipient, please contact the sender by reply email and destroy all copies of the original message. Thank You





On Nov 24, 2008, at 9:24 PM, Stef wrote:

Christopher Skarda wrote:
I am pleased to contact you on behalf of DigiCert, Inc.  We have three
updated root authority SSL certificates including our new EV root that
we would like to ensure are included/trusted in GNOME projects including
Epiphany and Balsa. I was told that you might be able to help me.

Our new root certificates have already been accepted/included in many
browsers/suites including the following:

<snip>

We value our GNOME users and would like to ensure that our certificates
are trusted on GNOME projects as well.  It is likely that our new root
certificates are already being included in GNOME projects.  Would you
please confirm whether or not this is the case?    

Hi! Thanks for getting in touch.

At this point in time the GNOME project does not distribute any root CA
certificates. The gnome-keyring component of GNOME has facilities to
facilitate use of the root CA certificates installed on the machine.

Ultimately the Linux Distro and to some extent the administrator of a
system controls the CA certificates installed and trusted.

Projects like Debian and Ubuntu distribute certificates in their
'ca-certificates' package.

In addition GNOME projects like Evolution and Epiphany use the CA
certificates included in Mozilla's NSS security library. These are hard
coded into each NSS release.

I cannot vouch for every distribution of GNOME out there, however I
verified that your up to date certificates are included with at least
the latest Ubuntu, and are available in epiphany, evolution. They are
also present in the 'ca-certificates' package, which balsa seems to use.

Let me know if you have any further questions. I hope it's okay that I
CC'd this to the gnome-keyring mailing list so that others can
contribute any relevant information.

Cheers,

Stef Walter


Attachment: smime.p7s
Description: S/MIME cryptographic signature



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]