From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Date: Fri, 22 Dec 2017 04:28:05 +0300 From: "Dmitry V. Levin" To: ALT Devel discussion list Message-ID: <20171222012805.GA16098@altlinux.org> Mail-Followup-To: ALT Devel discussion list References: <20171221184816.2968172e@sem.office.basealt.ru> <20171222003606.GJ4981@comp-core-i7-2640m-0182e6.fortress> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="/04w6evG8XlLl3ft" Content-Disposition: inline In-Reply-To: <20171222003606.GJ4981@comp-core-i7-2640m-0182e6.fortress> Subject: Re: [devel] RFC: ca-certificates a la Fedora X-BeenThere: devel@lists.altlinux.org X-Mailman-Version: 2.1.12 Precedence: list Reply-To: ALT Linux Team development discussions List-Id: ALT Linux Team development discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 22 Dec 2017 01:28:06 -0000 Archived-At: List-Archive: List-Post: --/04w6evG8XlLl3ft Content-Type: text/plain; charset=koi8-r Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Fri, Dec 22, 2017 at 01:36:06AM +0100, Alexey Gladkov wrote: > On Thu, Dec 21, 2017 at 06:48:16PM +0300, Mikhail Efremov wrote: > > Hello! > >=20 > > =FC=D4=CF =C4=CF=CC=D6=CE=CF =D2=C1=C2=CF=D4=C1=D4=D8 =D3 openssl =C9 g= nutls, =C1 =D7=CF=D4 =D3 nss =D0=D2=CF=C2=CC=C5=CD=C1: =D1 =D4=C1=CB > > =D0=CF=CE=C9=CD=C1=C0, =DE=D4=CF nss =C9=D3=D0=CF=CC=D8=DA=D5=C5=D4 =D3= =CF=C2=D3=D4=D7=C5=CE=CE=D9=CA =C2=C1=CE=C4=CC, =C1 =CE=C5 =D3=C9=D3=D4=C5= =CD=CE=D9=CA, =C9 > > =C9=D3=D0=CF=CC=D8=DA=D5=C5=D4 libnssckbi.so =C4=CC=D1 =D2=C1=C2=CF=D4= =D9 =D3 =CE=C9=CD. =F7 p11-kit =C9=D3=D0=CF=CC=D8=DA=D5=C5=D4=D3=D1 =CD=CF= =C4=D5=CC=D8 > > pkcs11/p11-kit-trust.so =C9 =D5=D4=D7=C5=D2=D6=C4=C1=C5=D4=D3=D1, =DE= =D4=CF =CF=CE =C2=C9=CE=C1=D2=CE=CF =D3=CF=D7=CD=C5=D3=D4=C9=CD =D3 > > libnssckbi.so, =D4=C1=CB =DE=D4=CF =D7 =E6=C5=C4=CF=D2=C5 =CE=C5=CB=CF= =D4=CF=D2=CF=C5 =D7=D2=C5=CD=D1 =C9=CD=C5=CC=C9 =CD=CF=C4=D5=CC=C9 > > libnssckbi.so =C9 p11-kit-trust.so =CE=C1 =C1=CC=D8=D4=C5=D2=CE=C1=D4= =C9=D7=C1=C8, =C1 =D3=C5=CA=DE=C1=D3 =D0=D2=CF=D3=D4=CF > > =D7=D9=CB=C9=CE=D5=CC=C9 libnssckbi.so =C9=DA nss > > (https://bugzilla.redhat.com/show_bug.cgi?id=3D1484449). > > =EE=CF =C4=C1=D6=C5 =C5=D3=CC=C9 =D0=D2=CF =C2=C9=CE=C1=D2=CE=D5=C0 =D3= =CF=D7=CD=C5=D3=D4=C9=CD=CF=D3=D4=D8 - =DC=D4=CF =D0=D2=C1=D7=C4=C1, =D4=CF= =D5 =CD=C5=CE=D1 =C5=D3=D4=D8 > > =D3=CF=CD=CE=C5=CE=C9=D1, =DE=D4=CF =DC=D4=CF =D7=D3=C5=C7=C4=C1 =C2=D5= =C4=C5=D4 =D4=C1=CB =D7 =D3=CC=C5=C4=D5=C0=DD=C9=C8 =D7=C5=D2=D3=C9=D1=C8 n= ss =C9 p11-kit =C9 > > =CE=C1=D3 =CE=C5=D4 =C1=D7=D4=CF=CD=C1=D4=C9=DE=C5=D3=CB=CF=CA =D0=D2= =CF=D7=C5=D2=CB=C9 =D4=C1=CB=C9=C8 =D7=C5=DD=C5=CA =D0=D2=C9 =D3=C2=CF=D2= =CB=C5. >=20 > =EE=C5=D4=D5. =F0=CC=C0=D3 =D0=CF=D1=D7=CC=C5=CE=C9=C5 =CE=C5=D3=CF=D7=CD= =C5=D3=D4=C9=CD=CF=D3=D4=C9 =D3=D4=C1=CE=C5=D4 =C2=CC=CF=CB=C9=D2=CF=CB=C5= =D2=CF=CD =CB =CF=C2=CE=CF=D7=CC=C5=CE=C9=C0 nss, > =DE=D4=CF =D3 =D4=CF=DE=CB=C5 =DA=D2=C5=CE=C9=D1 =C2=C5=DA=CF=D0=C1=D3=CE= =CF=D3=D4=C9 =CD=CE=C5 =CE=C5 =CE=D2=C1=D7=C9=D4=D3=D1. >=20 > =E5=D3=CC=C9 =C9=C4=D4=C9 =D0=CF =DC=D4=CF=CD=D5 =D0=D5=D4=C9, =D4=CF =D1= =C2=D9 =D3=C4=C5=CC=C1=CC =C1=CC=D8=D4=C5=D2=CE=C1=D4=C9=D7=D9 =C4=CC=D1 = =DC=D4=CF=CA =C2=C9=C2=CC=C9=CF=D4=C5=CB=C9. =E1=CC=D8=D4=C5=D2=CE=C1=D4=C9=D7=D9 =C4=CC=D1 =C2=C9=C2=CC=C9=CF=D4=C5=CB = -- =DC=D4=CF =D7=CF=CF=C2=DD=C5 =D0=CC=CF=C8=C1=D1 =C9=C4=C5=D1, =D1 =D7=D3= =A3 =CE=C9=CB=C1=CB =CE=C5 =D0=D2=C9=C4=D5=CD=C1=C0 =D3=D0=CF=D3=CF=C2=C1 =C9=C8 =DC=C6=C6=C5=CB=D4=C9= =D7=CE=CF =DA=C1=D0=D2=C5=D4=C9=D4=D8. > =EB=D2=CF=CD=C5 =D4=CF=C7=CF, =D7 nssckbi =D7=D3=D4=D2=CF=C5=CE=CE=C1=D1 = =C2=C1=DA=C1 Root CA Certificate =D0=CF=C4=C4=C5=D2=D6=C9=D7=C1=C5=D4=D3=D1= =D7 > =C1=CB=D4=D5=C1=CC=D8=CE=CF=CD =D3=CF=D3=D4=CF=D1=CE=C9=C9 Mozilla. =F0=C1=CB=C5=D4 ca-certificates, =CE=C1=D3=CB=CF=CC=D8=CB=CF =D1 =D0=CF=CE= =C9=CD=C1=C0, =D0=CF=D3=D4=C1=D7=CC=D1=C5=D4 =D4=D5 =D6=C5 =D3=C1=CD=D5=C0 = =C2=C1=DA=D5, =CB=CF=D4=CF=D2=D5=C0 =C9=CD=D0=CF=D2=D4=C9=D2=D5=C5=D4 =C9=DA nss/lib/ckfw= /builtins/certdata.txt, =C4=CF=D3=D4=C1=D4=CF=DE=CE=CF =D0=D2=CF=D3=D4=CF =CF=C2=CE=CF=D7=CC=D1=D4= =D8 =C5=A3 =D3=D7=CF=C5=D7=D2=C5=CD=C5=CE=CE=CF. > =F7 =D4=CF=D6=C5 =D7=D2=C5=CD=D1 >=20 > # > # ALT CA > # > =20 > Certificate: > Data: > Version: 3 (0x2) > Serial Number: 0 (0x0) > Signature Algorithm: sha1WithRSAEncryption > Issuer: C=3DRU, O=3DALT Linux Team, OU=3DALT Certification Author= ity, CN=3DALT Root Certification Authority/emailAddress=3Dca-root@altlinux.= org > Validity > Not Before: Jan 1 00:00:00 2007 GMT > Not After : Jan 1 00:00:00 2017 GMT > Subject: C=3DRU, O=3DALT Linux Team, OU=3DALT Certification Autho= rity, CN=3DALT Root Certification Authority/emailAddress=3Dca-root@altlinux= =2Eorg >=20 > =E9 =D7=CF=D4 `Not After : Jan 1 00:00:00 2017 GMT` =D7=D3=C5=CC=D1=C5= =D4 =D3=CF=CD=CE=C5=CE=C9=D1 =D7 =D4=C1=CB=CF=CD =D6=C5 > =D5=D2=CF=D7=CE=C5 =D0=CF=C4=C4=C5=D2=D6=CB=C9. =FC=D4=CF =C1=D2=D4=C5=C6=C1=CB=D4, ALT CA =C4=C1=D7=CE=CF =D2=C5=DB=C9=CC= =C9 =D5=D0=D2=C1=DA=C4=CE=C9=D4=D8. > > libnssckbi.so, =D4=CF=C7=C4=C1 =D5 =CE=C1=D3 =C4=C5=CA=D3=D4=D7=C9=D4= =C5=CC=D8=CE=CF =C2=D5=C4=C5=D4 =C5=C4=C9=CE=CF=C5 =CD=C5=D3=D4=CF =C4=CC=D1 > > =C8=D2=C1=CE=C5=CE=C9=D1 CA =D3=C5=D2=D4=C9=C6=C9=CB=C1=D4=CF=D7. =FC= =D4=D5 =D0=D2=CF=C2=CC=C5=CD=D5 =D0=D2=C9=C4=C5=D4=D3=D1 =CB=C1=CB-=D4=CF = =D2=C5=DB=C1=D4=D8. >=20 > =EE=C1 =CD=CF=CA =D7=DA=C7=CC=D1=C4 =D0=D2=C1=D7=C9=CC=D8=CE=D9=CA =D0=D5= =D4=D8 =DC=D4=CF =C4=CF=C2=C1=D7=CC=C5=CE=C9=C5 =D3=C5=D2=D4=C9=C6=C9=CB=C1= =D4=CF=D7 =D7 =C2=C1=DA=D5 nss. > https://wiki.mozilla.org/NSS_Shared_DB > https://wiki.mozilla.org/NSS_Shared_DB_And_LINUX =F3=D5=DD=C5=D3=D4=D7=D5=C5=D4 =CC=C9 =C9=CE=D3=D4=D2=D5=CD=C5=CE=D4 =DC=CB= =D3=D0=CF=D2=D4=C1 =D7 =C6=CF=D2=CD=C1=D4, =D3 =CB=CF=D4=CF=D2=D9=CD =D2=C1= =C2=CF=D4=C1=C5=D4 libnssckbi.so? > =EE=D5 =C9=CC=C9 =C1=CC=D8=D4=C5=D2=D4=C1=CE=D4=C9=D7=D9 =C4=CC=D1 libnss= ckbi.so. =EC=C9=C2=CF =D2=C1=DA=CE=D9=C5 =D2=C5=C1=CC=C9=DA=C1=C3=C9=C9 libnssckbi.s= o =CF=CB=C1=D6=D5=D4=D3=D1 =CE=C1=D3=D4=CF=CC=D8=CB=CF =D3=CF=D7=CD=C5=D3= =D4=C9=CD=D9, =DE=D4=CF =C2=D5=C4=C5=D4 =C9=D3=D0=CF=CC=D8=DA=CF=D7=C1=D4=D8=D3=D1 =D4=CF=CC=D8=CB= =CF =CF=C4=CE=C1, =CC=C9=C2=CF =CE=C5=D4, =C9 =D4=CF=C7=C4=C1 =D0=D2=C9=C4= =A3=D4=D3=D1 =C9=D3=D0=CF=CC=D8=DA=CF=D7=C1=D4=D8 =D2=C1=DA=CE=D9=C5 =D2=C5=C1=CC=C9=DA=C1=C3=C9=C9 =CF=C4=CE=CF=D7=D2=C5=CD= =C5=CE=CE=CF =C9 =CD=D9 =D7=C5=D2=CE=A3=CD=D3=D1 =CB =CE=D9=CE=C5=DB=CE=C5= =CA =D3=C9=D4=D5=C1=C3=C9=C9. --=20 ldv --/04w6evG8XlLl3ft Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIcBAEBCAAGBQJaPF+lAAoJEAVFT+BVnCUIfm4QAKhTrFil5rfe2kDFd8/gKVPa vza36baV06YiXbGhIzQcDAY4JpULmOSQJMfFHdwQQyHC7SWVhByh4f/V9HqoMlwp MslZLaoSbMtQIef03SQvXlTy855WlkO/CHobBqTyewZJD7/UoxdzHaAtknWj8KBN Ec3xNd+OwArkIn7NVzLYSnjkFyhUQQF+9v3zJc1MsYMg9h4t12PfywZJoCxI8NAs 1C4JtF7LBdUzaNJXeuiPks6gxnTmnuF1XOvKA7ECm01Crioq3wwC76fqfoYKSZ4b F0CYrU8tEEvDgjbKTLNxneDkEox/VvQkgbgALIkve05rC4TzISLq30ue9M386/aI OoaXy4dZ68w5xNO+R5du+izycMORxyEWI5jnGZ2nblAN8Oa3K6Fzv9TorgLKdXRq NkALClyUfLxBFd3yp7ftRWKHea0ZRTRXzHd/8VJv+mG+r3jStcTDHHbE8+OJudtN HXjbvqTJ81++sMrf1hsKax3zmcxzjh/Ev7uB/cYMwsbxYVs5ymjlTKF0DO9cff9K rpLJGv3qxwP3Z+uWJbyuzb+KsES/TDwiYyBCS528i02owFWOfYpNWUA6cmITY7C5 xpF4lmKULN6OTg4b6FL1u4iy9u5cpUo/zgvj/XuQGbbcUCaDszSzq/q0mGTPAPAO +7GC9EbgxgLe6+dYUXj6 =Py+i -----END PGP SIGNATURE----- --/04w6evG8XlLl3ft--