[ubuntu-hardened] SSL Trust across components

Christian Ehrhardt christian.ehrhardt at canonical.com
Fri Mar 6 08:00:28 UTC 2020

Hi Security people,
There is a bug [1] lingering for a while since it is more a security design
question for Ubuntu than a technical problem. There are a few people from
the Community discussing from their POV but the server Team often has to
back-out for being unsure about the actual "security aspects" of this.
Is it safe, is it good, are there drawbacks ...

A while ago I subscribed ubuntu-security but I might have not pushed hard
enough to get a response. I want to rekindle this topic by reaching out on
the ML (and to Joe) and wanted to ask if you could assign someone from
security to take a deeper look at what/if we'D want to do about it.

After 20.04 is probably a good time to do such a change, so now is the time
to discuss ...

P.S. I'd have tried to catch you on the sprint, but since that failed let's
mail about it ...

[1]: https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/1647285

Christian Ehrhardt
Staff Engineer, Ubuntu Server
Canonical Ltd
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/ubuntu-hardened/attachments/20200306/905690c1/attachment.html>

More information about the ubuntu-hardened mailing list