On 2011-03-10, Stephen Smoogen <smooge@xxxxxxxxx> wrote: > > We have already updated fedorahosted.org and will now be updating the > cert for the main site: fedoraproject.org. > > The old certificate came from Equifax, was a 1024 bit key and had the > fingerprint: [...] > The new certificate is issued by GeoTrust, Inc and is a 4096 bit key > with the fingerprint: > Key length is not everything. Didn't you forget to upgrade hash algorithm? Sticking on SHA-1 that's been abandoned by ETSI and other authorities does not look most safely. -- Petr -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel
