Bug 1414560 - Adjust ca-certificates to allow p11-kit-trust to distinguish between Mozilla-Policy-CAs and others [RHEL 6.x]
Summary: Adjust ca-certificates to allow p11-kit-trust to distinguish between Mozilla-...
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: ca-certificates
Version: 6.9
Hardware: Unspecified
OS: Unspecified
Target Milestone: rc
: ---
Assignee: Kai Engert (:kaie) (inactive account)
QA Contact: BaseOS QE Security Team
Depends On: 1414553
Blocks: 1414563
TreeView+ depends on / blocked
Reported: 2017-01-18 20:29 UTC by Kai Engert (:kaie) (inactive account)
Modified: 2017-10-27 11:41 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Last Closed: 2017-10-27 11:41:36 UTC
Target Upstream Version:

Attachments (Terms of Use)

Description Kai Engert (:kaie) (inactive account) 2017-01-18 20:29:57 UTC
Once bug 1414553 is fixed, we must update ca-certificates to make use of the new feature, by packaging the Mozilla-CAs in the correct way.

Also, we should improve the documentation of the ca-certificates package, to ensure that admins who install additional CAs, don't accidentally/unknowingly flag CAs as being from Mozilla.

Note You need to log in before you can comment on or make changes to this bug.