Context Navigation

Modify ↓

#22904 closed defect (fixed)

[PATCH] Remove expired/unnecessary certificates from CertificateAmendment

Reported by:	taylor.smock	Owned by:	team
Priority:	normal	Milestone:	23.04
Component:	Core	Version:
Keywords:		Cc:

Description

#15851: Ubuntu 18.04 is EOL. We can probably remove 0687260331a72403d909f105e69bcf0d32e1bd2493ffc6d9206d11bcd6770739
#19872: This certificate expired in December 2022, so we can and should remove 4d2491414cfe956746ec4cefa6cf6f72e28a1329432f9d8a907ac4cb5dadc15a
#14649: We can keep this for now. It expires in 2028 (3c4fb0b95ab8b30032f432b86f535fe172c185d0fd39865837cf36187fa6f428).
#15178: We can keep this for now. It expires in 2027 (e3b6a2db2ed7ce48842f7ac53241c7b71d54144bfb40c11f3f1d0b42f5eea12d).
- Added to the JDK. We can probably get rid of it when we move to Java 21.
#16307: We can keep this for now. It expires in 2042 (yes, this seems a bit long, e23d4a036d7b70e9f595b1422079d2b91edfbb1fb651a0633eaa8a9dc5f80703)
#17062: We can keep this for now. It expires in 2032 (7600295eefe85b9e1fd624db76062aaaae59818a54d2774cd4c0b2c01131e1b3)
#17668: We can keep this for now. It expires in 2029 (3c5f81fea5fab82c64bfa2eaecafcde8e077fc8620a7cae537163df36edbf378)
#18920: We can keep this for now. It expires in 2030 (ebc5570c29018c4d67b1aa127baf12f703b4611ebc17b7dab5573894179b93fa)

With that said, most distributions patch JOSM to use Mozilla's CA certificates, Temurin uses Mozilla's CA certificates, but I don't know if Azul does.

Attachments (1)

22904.patch (4.3 KB ) - added by taylor.smock 22 months ago.

Download all attachments as: .zip

Change History (5)

by taylor.smock, 22 months ago

Attachment:	22904.patch added

comment:1 by taylor.smock, 22 months ago

Summary:	Remove expired/unnecessary certificates from CertificateAmendment → [PATCH] Remove expired/unnecessary certificates from CertificateAmendment

comment:2 by stoecker, 22 months ago

The first two we can remove. DST Root is no longer used for Let's Encrypt, so we have no more reason to especially import it. The expired one should also be gone.

comment:3 by taylor.smock, 22 months ago

Resolution:	→ fixed
Status:	new → closed

In 18716/josm:

Fix #22904: Remove outdated/unused certificate authorities

This drops DST Root CA X3 (Let's Encrypt no longer uses it) and
Staat der Nederlanden EV Root CA (expired in December of 2022).

comment:4 by taylor.smock, 22 months ago

Milestone:	→ 23.04

Modify Ticket

Change Properties

Summary:
Type:		Priority:
Milestone:		Component:
Version:		Keywords:
Cc:	Set your email in Preferences

Action

leave as closed The owner will remain team.

change resolution as The resolution will be set.

reopen The resolution will be deleted. Next status will be 'reopened'.

Add Comment

Your email or username:

E-mail address and name can be saved in the Preferences .

You may use WikiFormatting here.

Attachments ↑ Description ↑

Note: See TracTickets for help on using tickets.

Download in other formats: