diff options
author | Peter Hartmann <peter.hartmann@nokia.com> | 2011-11-04 16:56:12 +0100 |
---|---|---|
committer | Qt by Nokia <qt-info@nokia.com> | 2011-11-08 15:52:28 +0100 |
commit | 7a78248e9cbce223364ad39070629ede2f80a3a4 (patch) | |
tree | 102b9f2aec1a3557017531f71e3c1c87b3a0c3dc /src/network/ssl/qsslcertificate.cpp | |
parent | ed55c4a14c9e8b70b3947ca70ec690ac1b8d91fe (diff) |
SSL: blacklist intermediate certificates that issued weak certs
... as did browser vendors.
Tested manually with affected CA certificates.
Reviewed-by: Richard J. Moore <rich@kde.org>
(cherry picked from commit e1d6df4e5931ee49b4b68dd5a33146f5639268b7)
Change-Id: I5bf6c147abf6d2de0f313d65faa2d9a1e9684cea
Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com>
Diffstat (limited to 'src/network/ssl/qsslcertificate.cpp')
-rw-r--r-- | src/network/ssl/qsslcertificate.cpp | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/src/network/ssl/qsslcertificate.cpp b/src/network/ssl/qsslcertificate.cpp index 1810270d7c..0710001198 100644 --- a/src/network/ssl/qsslcertificate.cpp +++ b/src/network/ssl/qsslcertificate.cpp @@ -1150,6 +1150,9 @@ static const char *certificate_blacklist[] = { // "(has not been seen in the wild so far)", "Stichting TTP Infos CA," // compromised during DigiNotar breach "1184640175", "DigiNotar Root CA", // DigiNotar intermediate cross-signed by Entrust "1184644297", "DigiNotar Root CA", // DigiNotar intermediate cross-signed by Entrust + + "120001705", "Digisign Server ID (Enrich)", // (Malaysian) Digicert Sdn. Bhd. cross-signed by Verizon CyberTrust + "1276011370", "Digisign Server ID - (Enrich)", // (Malaysian) Digicert Sdn. Bhd. cross-signed by Entrust 0 }; |