[Users] sssl certificate update - whats claws doing ?
codejodler at gmx.ch
Tue Dec 29 15:40:56 CET 2015
I can see cert files containing a port number, in pairs (one file for the authority and one for the key).
For the ports i use, 25 and 100, they got created Dec 23. For other ports like 465, they were created ('modified' in midnight commander) Oct 24, 2014 and 'changed' Mar 21, 2015. I suppose changed means overwritten with an update.
So, it looks like the certs in question were created from the scratch, because the creation date matches the 'changed' date ?
One day before the issue, the mail provider put up a webpage with an explanation, which i didn't find until they sent me the link; but i don't quite understand what thy are saying here...
As i understand it, the "StartCom" authority was unreliable to reach, so they put up a second cert ("Bundsdruckerei" D-Trust) as a fallback (?).
However, i can not find any such cert in claws. Also, in the mail reply, they said they meanhwile were able to "switch back to StartCom" now. Whatever that means: It gots me lots of questions like shouldn't i be askd for cert update again in this case ? What happened with the Bundesdruckerei cert ? Is it still in use, and why is not on my harddisk ? What about the reason for creating double in the first place, or is StartCom suddenly acceptable again ?
My best idea is that the 'old' StartCom never was 'revoked' and i was asked for an update simply because they offered a second one, at some point. Meaning quite some confusion for me, without a clar benefit form my point of view - shouldn't they either turn completely to a new authority, or leave things alone ? .... but as i said, i don't relly understand these things.
More information about the Users