Custom Query (1145 matches)
Results (103 - 105 of 1145)
Ticket | Resolution | Summary | Owner | Reporter |
---|---|---|---|---|
#1393 | fixed | Trac XMLRPC script | jdreed | |
Description |
We should have one, for a Git post-commit hook and for daupload and friends. |
|||
#1389 | fixed | Remove MIT CA from global trust store | geofft | |
Description |
It's been more than a year since mitcert started issuing certs via InCommon/Internet2 (an intermediate via the well-known AddTrust root), instead of via the MIT CA. I believe this means that all MIT CA-signed certs are now expired, although I haven't checked. If this is the case, we no longer need to ship the MIT CA and configure it in the system trust store. Chrome / Chromium now has a certificate authority pinning feature, where several high-risk sites (Google, Twitter, Tor, etc.) are restricted in which CAs are allowed to sign them. As that article points out, any locally-configured CAs are also permitted, since Chrome can't distinguish private CAs like MIT's from semi-legitimate SSL MITM proxies. This effectively means that the MIT CA is permitted to MITM these high-traffic sites, meaning that including the MIT CA is a security risk (it could get stolen or otherwise misused) for zero security benefit (if there are no unexpired MIT CA-signed certs). |
|||
#1387 | fixed | TracZephyrPlugin should zephyr the ticket URL | adehnert | |
Description |
Current snippets supports this already. |