Fill in the list of blacklisted signing keys.

I used a list of certificate files from arma, and a little script,
both at 11464.
This commit is contained in:
Nick Mathewson 2014-04-14 16:03:53 -04:00
parent 50ad393924
commit 46cf63bb42

View File

@ -459,7 +459,18 @@ authority_cert_dl_failed(const char *id_digest, int status)
}
static const char *BAD_SIGNING_KEYS[] = {
"----------------------------------------",
"09CD84F751FD6E955E0F8ADB497D5401470D697E", // Expires 2015-01-11 16:26:31
// dizum still needs to rotate as of 2014-04-04
//"0E7E9C07F0969D0468AD741E172A6109DC289F3C", // Expires 2014-08-12 10:18:26
// dannenberg still needs to rotate as of 2014-04-04
//"57B85409891D3FB32137F642FDEDF8B7F8CDFDCD", // Expires 2015-02-11 17:19:09
"87326329007AF781F587AF5B594E540B2B6C7630", // Expires 2014-07-17 11:10:09
"98CC82342DE8D298CF99D3F1A396475901E0D38E", // Expires 2014-11-10 13:18:56
"9904B52336713A5ADCB13E4FB14DC919E0D45571", // Expires 2014-04-20 20:01:01
"9DCD8E3F1DD1597E2AD476BBA28A1A89F3095227", // Expires 2015-01-16 03:52:30
"A61682F34B9BB9694AC98491FE1ABBFE61923941", // Expires 2014-06-11 09:25:09
"B59F6E99C575113650C99F1C425BA7B20A8C071D", // Expires 2014-07-31 13:22:10
"D27178388FA75B96D37FA36E0B015227DDDBDA51", // Expires 2014-08-04 04:01:57
NULL,
};