[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH] gnu: icedtea-8: Build keystore without id-ecPublicKey certif

From: Roel Janssen
Subject: Re: [PATCH] gnu: icedtea-8: Build keystore without id-ecPublicKey certificates.
Date: Wed, 01 Mar 2017 23:52:42 +0100
User-agent: mu4e 0.9.18; emacs 25.1.1

Ricardo Wurmus writes:

> Carlo Zancanaro <address@hidden> writes:
>> On Mon, Feb 27 2017, Roel Janssen wrote
>>> Unfortunately, I don't seem to be able to apply your patch. [ ... ]
>> Hmm. That's strange. I generated a new patch which hopefully will work.
>> I tried applying it to master on my machine and it seemed to work fine.
>> I'm not sure what to do with this in light of Ricardo's comments, but
>> I'm hopeful that it can be pushed. (The advantage not having the ability
>> to push is that I don't have to make any real decisions. Hooray!)
> Thanks for the new patch.  I applied it as
> ea9e58ef66f0fc0235eb1b36690ad4e41bf8771d after making a few minor
> changes to the commit message.
> I also added a Co-authored-by line for Roel as you updated his copyright
> line.
> Thanks!

Thanks!  What made you confident to apply it?  I think this is the right
decision, because it's a separate issue from whatever is going to happen
to icedtea-6.  Using the inheritance seems like the most effective way
of working here, and the fix does not lead to a potential security hole
because all that can happen is that certificates do not get imported
into the keystore.

We do have to pay attention to whether certificates fail to be added

Thanks Carlo and Ricardo!

Kind regards,
Roel Janssen

reply via email to

[Prev in Thread] Current Thread [Next in Thread]