[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#575502: marked as done (ITP: certificatepatrol - Certificate Watcher for Iceweasel/Icedove etc.)

Your message dated Tue, 06 Sep 2011 12:32:07 +0000
with message-id <E1R0uox-0002AE-MK@franck.debian.org>
and subject line Bug#575502: fixed in certificatepatrol 2.0.10-1
has caused the Debian Bug report #575502,
regarding ITP: certificatepatrol - Certificate Watcher for Iceweasel/Icedove etc.
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org

575502: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=575502
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
Package: wnpp
Severity: wishlist

* Package name    : certificatepatrol
  Version         : 1.1
  Upstream Author : Aiko Barz
                    Mukunda Modell
                    Carlo v. Loesch
* URL             : http://patrol.psyced.org/
* License         : MPL 1.1, GPL 2.0, LGPL 2.1
  Programming Lang: JavaScript, XUL
  Description     : Certificate Watcher for Firefox/Seamonkey/Thunderbird/Sunbird/Fennec - This add-on reveals when certificates are updated, so you can ensure it was a legitimate change

Your web browser trusts a lot of certification authorities and chained sub-authorities, and it does so blindly. "Subordinate or intermediate certification authorities" are a little known device: The root CAs in your browser can delegate permission to issue certificates to an unlimited amount of subordinate CAs (SCA) just by signing their certificate, not by borrowing their precious private key to them. You can even buy yourself such a CA from GeoTrust or elsewhere.

It is unclear how many intermediate certification authorities really exist, and yet each of them has "god-like power" to impersonate any https web site using a Man in the Middle (MITM) attack scenario. Researchers at Princeton are acknowledging this problem and recommending Certificate Patrol. Revealing the inner workings of X.509 to end users is still deemed too difficult, but only getting familiar with this will really help you get in control. That's why Certificate Patrol gives you insight of what is happening.

--- End Message ---
--- Begin Message ---
Source: certificatepatrol
Source-Version: 2.0.10-1

We believe that the bug you reported is fixed in the latest version of
certificatepatrol, which is due to be installed in the Debian FTP archive:

  to main/c/certificatepatrol/certificatepatrol_2.0.10-1.diff.gz
  to main/c/certificatepatrol/certificatepatrol_2.0.10-1.dsc
  to main/c/certificatepatrol/certificatepatrol_2.0.10.orig.tar.gz
  to main/c/certificatepatrol/xul-ext-certificatepatrol_2.0.10-1_all.deb

A summary of the changes between this version and the previous one is

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 575502@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
Christoph Biedl <debian.axhn@manchmal.in-ulm.de> (supplier of updated certificatepatrol package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)

Hash: SHA1

Format: 1.8
Date: Sun, 04 Sep 2011 15:22:27 +0200
Source: certificatepatrol
Binary: xul-ext-certificatepatrol
Architecture: source all
Version: 2.0.10-1
Distribution: sid
Urgency: low
Maintainer: Christoph Biedl <debian.axhn@manchmal.in-ulm.de>
Changed-By: Christoph Biedl <debian.axhn@manchmal.in-ulm.de>
 xul-ext-certificatepatrol - Certificate Monitor for Iceweasel/Icedove/Iceape
Closes: 575502
 certificatepatrol (2.0.10-1) unstable; urgency=low
   * Initial release (Closes: #575502).
 6b18cb999fa5b22c4d0003d2de75aafe44ee0790 1122 certificatepatrol_2.0.10-1.dsc
 a6cbac7ded8eee9f2e94f8bdecbbc5d31a4f7e95 64695 certificatepatrol_2.0.10.orig.tar.gz
 aae5099847de1c0282d6c73a3fb097fc269ed443 9364 certificatepatrol_2.0.10-1.diff.gz
 09543785779e623f7c4402df7a6d239a8c6e4c8d 74422 xul-ext-certificatepatrol_2.0.10-1_all.deb
 a5349f55ff64d401e5e6a169ec78d293583b070b9eb1c9cecd73badedcc5d685 1122 certificatepatrol_2.0.10-1.dsc
 ebdc6895ef5fd126e7e9ae91b691abe566cebe168e58b9b0d64423811a75e324 64695 certificatepatrol_2.0.10.orig.tar.gz
 1e9a0d3c441d37f3537619b22c37850404263f0fc071d06b1ce79cb333d0cde8 9364 certificatepatrol_2.0.10-1.diff.gz
 126b6199de0246340bad42f19270ec91bde38e9f4f351075434671de4678f1fa 74422 xul-ext-certificatepatrol_2.0.10-1_all.deb
 7513cb3f7abb5dfe3c5d102870fb644e 1122 web optional certificatepatrol_2.0.10-1.dsc
 2fd949be6e32a9350dcccc40220b6f26 64695 web optional certificatepatrol_2.0.10.orig.tar.gz
 d21e0ee17ac58ff81116f298d7c14e7f 9364 web optional certificatepatrol_2.0.10-1.diff.gz
 f1d54f58ac971aec79eda79f27799fe4 74422 web optional xul-ext-certificatepatrol_2.0.10-1_all.deb

Version: GnuPG v1.4.11 (GNU/Linux)


--- End Message ---

Reply to: