From owner-freebsd-security@FreeBSD.ORG  Fri Apr  1 21:24:36 2011
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id A38FD106564A
	for <freebsd-security@freebsd.org>;
	Fri,  1 Apr 2011 21:24:36 +0000 (UTC)
	(envelope-from leccine@gmail.com)
Received: from mail-bw0-f54.google.com (mail-bw0-f54.google.com
	[209.85.214.54])
	by mx1.freebsd.org (Postfix) with ESMTP id 2D3168FC22
	for <freebsd-security@freebsd.org>;
	Fri,  1 Apr 2011 21:24:35 +0000 (UTC)
Received: by bwz12 with SMTP id 12so3455440bwz.13
	for <freebsd-security@freebsd.org>;
	Fri, 01 Apr 2011 14:24:35 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma;
	h=domainkey-signature:mime-version:in-reply-to:references:date
	:message-id:subject:from:to:cc:content-type;
	bh=22tZfWbHUbDXci13b5BrsIFaYmULjlDV0p9n38MPRck=;
	b=Rci2DLi5r03C4l+wvV4qB4I1JgZIUASG7anomA17adUgANMKQjHbb0YjXqKZexxFLh
	TEU7m4kkolzzb3vnKSzSd1V+hIf+U03giLl56dFb/3P/QlnBbf+hp0ylyljVkXBk320U
	OzAPgMlvoKtDJHYCpQC/E0Mm5OPWNc0vzNLJ0=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma;
	h=mime-version:in-reply-to:references:date:message-id:subject:from:to
	:cc:content-type;
	b=GmNJ4Gea/UC3TLAKfnG/NgZXxQQ99zY3NqhLstX2eR3jzI7vD6lE0S3lczjcjmJHDe
	yE/lkXpLGkheA1jGwDeb1CVaDVldx0ZbWQ+CHj2cEoDEVXywaH+YaWuJm4yu4zzLsRE4
	HBTJt3s7Qh/X2jcYAAhyadhX21OxFkLb+PlHc=
MIME-Version: 1.0
Received: by 10.204.74.93 with SMTP id t29mr4084192bkj.150.1301693075262; Fri,
	01 Apr 2011 14:24:35 -0700 (PDT)
Received: by 10.204.62.13 with HTTP; Fri, 1 Apr 2011 14:24:35 -0700 (PDT)
In-Reply-To: <63CF07FC-BD9A-47C2-9535-09D9ED8E982D@smtps.net>
References: <AANLkTin_zZgHRg7QtEwH2V8WOd=nvBcKdYvJkshGCt-R@mail.gmail.com>
	<20110401153300.GA85392@guilt.hydra>
	<AANLkTi=fqSAMiGtGQO1+t1QbhNY1m_S+x294WX3zHpOK@mail.gmail.com>
	<4D9639B0.1070302@FreeBSD.org>
	<AANLkTi=17e7qE8yAACKiYSvpvsUZhDJu4e=mmM+hHwr8@mail.gmail.com>
	<63CF07FC-BD9A-47C2-9535-09D9ED8E982D@smtps.net>
Date: Fri, 1 Apr 2011 22:24:35 +0100
Message-ID: <AANLkTikTGGSuqMLB+qsGSDUy6M07WFt0jQ7+q=1U95=P@mail.gmail.com>
From: =?UTF-8?Q?Istv=C3=A1n?= <leccine@gmail.com>
To: Brian Keefer <chort@smtps.net>
Content-Type: text/plain; charset=UTF-8
X-Content-Filtered-By: Mailman/MimeDel 2.1.5
Cc: freebsd-security <freebsd-security@freebsd.org>
Subject: Re: SSL is broken on FreeBSD
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Security issues \[members-only posting\]"
	<freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 01 Apr 2011 21:24:36 -0000

> You're probably not aware (owing to your arrogance) that at least some of
> the CAs which ship as part of the Mozilla bundle have been known to issue
> fraudulent certificates in the past, even the past few weeks.
>

once there was a remote root in freebsd kernel, so I have just stopped using
it

(sometimes I wish I did....)