137335 – SSL certificate for bugzilla isn't signed by a recognized CA

Bug 137335 - SSL certificate for bugzilla isn't signed by a recognized CA

Summary: SSL certificate for bugzilla isn't signed by a recognized CA

Status:	RESOLVED DUPLICATE of bug 108944

Alias:	None

Product:	Gentoo Infrastructure
Classification:	Unclassified
Component:	Bugzilla (show other bugs)
Hardware:	All Linux

Importance:	High normal (vote)
Assignee:	Jeffrey Forman (RETIRED)

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2006-06-19 23:22 UTC by Frank T. Lofaro Jr.
Modified:	2011-10-30 23:15 UTC (History)
CC List:	0 users

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Frank T. Lofaro Jr. 2006-06-19 23:22:39 UTC

The SSL certificate for bugzilla isn't signed by a recognized CA.

A real certificate is fairly cheap, and worth it, since there is no way for a user to be sure that someone isn't spoofing bugs.gentoo.org otherwise.

People trust gentoo and bugs.gentoo.org and a malicious hacker could spoof bugs.gentoo.org and put in a "solution" to a bug which has a URL for a "bug fix" which actually points to an exploit.

One can never be too paranoid.

Comment 1 Jakub Moc (RETIRED) gentoo-dev

2006-06-20 00:55:46 UTC


*** This bug has been marked as a duplicate of 108944 ***