[OT] Would someone please check if links2 and elinks verify certificates on clean install of Debian 8?
Apologies for offtopic (this might be mildly ontopic about the current state of crypto in open source). Would someone please check if links2 and elinks verify certificates on fresh install of Debian 8? To verify, try to open site which doesn't properly chain to trusted root, say https://cacert.org (unless you trust their root ) and check if it opens or there is error/warning. For me, on updated system, both don't verify certificates. Looks like at least ubuntu and fedora killed the elinks bug long ago. Searching the web for "$browser self signed certificate" shows some relevant results.
Dnia sobota, 12 marca 2016 11:29:16 Georgi Guninski pisze:
Apologies for offtopic (this might be mildly ontopic about the current state of crypto in open source).
Would someone please check if links2 and elinks verify certificates on fresh install of Debian 8?
To verify, try to open site which doesn't properly chain to trusted root, say https://cacert.org (unless you trust their root ) and check if it opens or there is error/warning.
For me, on updated system, both don't verify certificates.
Verified on a clean Debian 8 install. -- Pozdrawiam, Michał "rysiek" Woźniak Zmieniam klucz GPG :: http://rys.io/pl/147 GPG Key Transition :: http://rys.io/en/147
On Sat, Mar 12, 2016 at 11:04:43PM +0100, rysiek wrote:
For me, on updated system, both don't verify certificates.
Verified on a clean Debian 8 install.
Thanks for confirming. Let's see when Debian will learn about this. (This reminds me of a real vim bug posted 1 April looong ago). oss-security and Fyodor's full disclosure are moderating me.
participants (2)
-
Georgi Guninski -
rysiek