From kde-core-devel Fri Jan 29 17:53:18 2010 From: "Maksim Orlovich" Date: Fri, 29 Jan 2010 17:53:18 +0000 To: kde-core-devel Subject: Re: Using system SSL certificates... Message-Id: <60097.67.246.70.185.1264787598.squirrel () webmail ! cornell ! edu> X-MARC-Message: https://marc.info/?l=kde-core-devel&m=126478765026203 > The only thing that's holding me back in updating the Qt certificates is > to > decide whether keeping expired certificates is a good thing. > > There are 81 certificates in Qt's bundle. One of them is repeated, so 80 > are > unique. > > However, from those 80, 8 have expired already. > > Of the 72 non-expired, unique certificates in Qt, 48 are *not* in the > Firefox > certificate store. That's worriesome. What sort of validation did those CAs undergo?