20061027 (patches unapplied)

Imported using git-ubuntu import.

debian/README.Debian

@@ -19,9 +19,8 @@ configuration file:
 	make hash symlinks
 	generate ca-certificates.crt (single-file version)
 
-/etc/ssl/certs/ca-certificates.crt will be used by many of the web browsers
-in Debian, including mozilla, when deciding what secure web sites to trust.
-
+/etc/ssl/certs/ca-certificates.crt may be used by the web browsers
+in Debian, such as w3m, when deciding what secure web sites to trust.
 For w3m package, it has ssl_ca_path configuration in /etc/w3m/w3mconfig,
 so it works without any configuration.  You can specify 
 /etc/ssl/certs/ca-certificates.crt for ssl_ca_file instead.
@@ -40,4 +39,4 @@ How certificate will be accepted in ca-certificates package
    the bug report, GPG signed.
    I won't accept if the CA is requested by only one people.
    
- -- ukai <ukai@debian.or.jp>, Wed May 18 01:24:57 2005
+ -- Fumitoshi UKAI <ukai@debian.or.jp>, Thu, 17 Aug 2006 13:27:55 +0900

debian/changelog

@@ -1,3 +1,43 @@
+ca-certificates (20061027) unstable; urgency=low
+
+  * sbin/update-ca-certificates:
+    in fresh mode, rm symlinks only point to /usr/share/ca-certificates.
+    preserve other symlinks. closes: Bug#387089
+  * debian/po/nl.po: updated
+    closes: Bug#386767
+  * debian/po/fr.po: updated
+    closes: Bug#386806
+  * debian/po/da.po: updated
+    closes: Bug#388018
+    
+ -- Fumitoshi UKAI <ukai@debian.or.jp>  Sat, 28 Oct 2006 02:28:50 +0900
+
+ca-certificates (20060816) unstable; urgency=low
+
+  * debian/control: explicitly mention that trustworthiness of certificate
+    authorities is not evaluated.
+    closes: Bug#350726
+  * debian/templates: refine messages
+    closes: Bug#309481
+  * debian/postinst: remove tailing spaces to avoid unnecessary dpkg-old file.
+    closes: Bug#349346
+  * debian/control: libssl0.9.7->libssl0.9.8
+    closes: Bug#345197
+  * debian/postrm: remove .dpkg-old files
+    closes: Bug#349351
+  * debian/README.Debian: fix
+    closes: Bug#354509
+  * debian/postinst: fix typo
+    closes: Bug#355271
+  * debian/po/sv.po: added
+    closes: Bug#330984
+  * debian/po/es.po: added
+    closes: Bug#334383
+  * add new SPI CA certificate
+    submitted by Michael C. Schultheiss <schultmc@debian.org>
+
+ -- Fumitoshi UKAI <ukai@debian.or.jp>  Thu, 17 Aug 2006 13:12:27 +0900
+
 ca-certificates (20050804) unstable; urgency=low
 
   * use ${misc:Depends} in debian/control for debconf

debian/config

@@ -5,7 +5,7 @@ set -e
 
 action="$1"
 cur_version="$2"
-this_version='20050518'
+this_version='20061027'
 
 if test -f /etc/ca-certificates.conf; then
   CERTSCONF=/etc/ca-certificates.conf
@@ -27,7 +27,7 @@ CERTS_AVAILABLE=""
 CERTS_ENABLED=""
 
 # CERTS_LIST: certs that will be installed
-CERTS_LIST="spi-inc.org/spi-ca.crt, mozilla/ABAecom_=sub.__Am._Bankers_Assn.=_Root_CA.crt, mozilla/AOL_Time_Warner_Root_Certification_Authority_1.crt, mozilla/AOL_Time_Warner_Root_Certification_Authority_2.crt, mozilla/AddTrust_External_Root.crt, mozilla/AddTrust_Low-Value_Services_Root.crt, mozilla/AddTrust_Public_Services_Root.crt, mozilla/AddTrust_Qualified_Certificates_Root.crt, mozilla/America_Online_Root_Certification_Authority_1.crt, mozilla/America_Online_Root_Certification_Authority_2.crt, mozilla/Baltimore_CyberTrust_Root.crt, mozilla/Certum_Root_CA.crt, mozilla/Comodo_AAA_Services_root.crt, mozilla/Comodo_Secure_Services_root.crt, mozilla/Comodo_Trusted_Services_root.crt, mozilla/Digital_Signature_Trust_Co._Global_CA_1.crt, mozilla/Digital_Signature_Trust_Co._Global_CA_2.crt, mozilla/Digital_Signature_Trust_Co._Global_CA_3.crt, mozilla/Digital_Signature_Trust_Co._Global_CA_4.crt, mozilla/Entrust.net_Global_Secure_Personal_CA.crt, mozilla/Entrust.net_Global_Secure_Server_CA.crt, mozilla/Entrust.net_Premium_2048_Secure_Server_CA.crt, mozilla/Entrust.net_Secure_Personal_CA.crt, mozilla/Entrust.net_Secure_Server_CA.crt, mozilla/Equifax_Secure_CA.crt, mozilla/Equifax_Secure_Global_eBusiness_CA.crt, mozilla/Equifax_Secure_eBusiness_CA_1.crt, mozilla/Equifax_Secure_eBusiness_CA_2.crt, mozilla/GTE_CyberTrust_Global_Root.crt, mozilla/GTE_CyberTrust_Root_CA.crt, mozilla/GeoTrust_Global_CA.crt, mozilla/GlobalSign_Root_CA.crt, mozilla/IPS_CLASE1_root.crt, mozilla/IPS_CLASE3_root.crt, mozilla/IPS_CLASEA1_root.crt, mozilla/IPS_CLASEA3_root.crt, mozilla/IPS_Chained_CAs_root.crt, mozilla/IPS_Servidores_root.crt, mozilla/IPS_Timestamping_root.crt, mozilla/QuoVadis_Root_CA.crt, mozilla/RSA_Root_Certificate_1.crt, mozilla/RSA_Security_1024_v3.crt, mozilla/RSA_Security_2048_v3.crt, mozilla/Security_Communication_Root_CA.crt, mozilla/Sonera_Class_1_Root_CA.crt, mozilla/Sonera_Class_2_Root_CA.crt, mozilla/Staat_der_Nederlanden_Root_CA.crt, mozilla/TC_TrustCenter__Germany__Class_2_CA.crt, mozilla/TC_TrustCenter__Germany__Class_3_CA.crt, mozilla/TDC_Internet_Root_CA.crt, mozilla/TDC_OCES_Root_CA.crt, mozilla/Thawte_Personal_Basic_CA.crt, mozilla/Thawte_Personal_Freemail_CA.crt, mozilla/Thawte_Personal_Premium_CA.crt, mozilla/Thawte_Premium_Server_CA.crt, mozilla/Thawte_Server_CA.crt, mozilla/Thawte_Time_Stamping_CA.crt, mozilla/UTN-USER_First-Network_Applications.crt, mozilla/UTN_DATACorp_SGC_Root_CA.crt, mozilla/UTN_USERFirst_Email_Root_CA.crt, mozilla/UTN_USERFirst_Hardware_Root_CA.crt, mozilla/UTN_USERFirst_Object_Root_CA.crt, mozilla/ValiCert_Class_1_VA.crt, mozilla/ValiCert_Class_2_VA.crt, mozilla/Verisign_Class_1_Public_Primary_Certification_Authority.crt, mozilla/Verisign_Class_1_Public_Primary_Certification_Authority_-_G2.crt, mozilla/Verisign_Class_1_Public_Primary_Certification_Authority_-_G3.crt, mozilla/Verisign_Class_1_Public_Primary_OCSP_Responder.crt, mozilla/Verisign_Class_2_Public_Primary_Certification_Authority.crt, mozilla/Verisign_Class_2_Public_Primary_Certification_Authority_-_G2.crt, mozilla/Verisign_Class_2_Public_Primary_Certification_Authority_-_G3.crt, mozilla/Verisign_Class_2_Public_Primary_OCSP_Responder.crt, mozilla/Verisign_Class_3_Public_Primary_Certification_Authority.crt, mozilla/Verisign_Class_3_Public_Primary_Certification_Authority_-_G2.crt, mozilla/Verisign_Class_3_Public_Primary_Certification_Authority_-_G3.crt, mozilla/Verisign_Class_3_Public_Primary_OCSP_Responder.crt, mozilla/Verisign_Class_4_Public_Primary_Certification_Authority_-_G2.crt, mozilla/Verisign_Class_4_Public_Primary_Certification_Authority_-_G3.crt, mozilla/Verisign_RSA_Secure_Server_CA.crt, mozilla/Verisign_Secure_Server_OCSP_Responder.crt, mozilla/Verisign_Time_Stamping_Authority_CA.crt, mozilla/Visa_International_Global_Root_2.crt, mozilla/Visa_eCommerce_Root.crt, mozilla/beTRUSTed_Root_CA-Baltimore_Implementation.crt, mozilla/beTRUSTed_Root_CA.crt, mozilla/beTRUSTed_Root_CA_-_Entrust_Implementation.crt, mozilla/beTRUSTed_Root_CA_-_RSA_Implementation.crt, cacert.org/cacert.org.crt, brasil.gov.br/brasil.gov.br.crt, signet.pl/signet_ca1_pem.crt, signet.pl/signet_ca2_pem.crt, signet.pl/signet_ca3_pem.crt, signet.pl/signet_ocspklasa2_pem.crt, signet.pl/signet_ocspklasa3_pem.crt, signet.pl/signet_pca2_pem.crt, signet.pl/signet_pca3_pem.crt, signet.pl/signet_rootca_pem.crt, signet.pl/signet_tsa1_pem.crt, quovadis.bm/QuoVadis_Root_Certification_Authority.crt"
+CERTS_LIST="spi-inc.org/SPI_CA_2006-cacert.crt, spi-inc.org/spi-ca.crt, mozilla/ABAecom_=sub.__Am._Bankers_Assn.=_Root_CA.crt, mozilla/AOL_Time_Warner_Root_Certification_Authority_1.crt, mozilla/AOL_Time_Warner_Root_Certification_Authority_2.crt, mozilla/AddTrust_External_Root.crt, mozilla/AddTrust_Low-Value_Services_Root.crt, mozilla/AddTrust_Public_Services_Root.crt, mozilla/AddTrust_Qualified_Certificates_Root.crt, mozilla/America_Online_Root_Certification_Authority_1.crt, mozilla/America_Online_Root_Certification_Authority_2.crt, mozilla/Baltimore_CyberTrust_Root.crt, mozilla/Certum_Root_CA.crt, mozilla/Comodo_AAA_Services_root.crt, mozilla/Comodo_Secure_Services_root.crt, mozilla/Comodo_Trusted_Services_root.crt, mozilla/Digital_Signature_Trust_Co._Global_CA_1.crt, mozilla/Digital_Signature_Trust_Co._Global_CA_2.crt, mozilla/Digital_Signature_Trust_Co._Global_CA_3.crt, mozilla/Digital_Signature_Trust_Co._Global_CA_4.crt, mozilla/Entrust.net_Global_Secure_Personal_CA.crt, mozilla/Entrust.net_Global_Secure_Server_CA.crt, mozilla/Entrust.net_Premium_2048_Secure_Server_CA.crt, mozilla/Entrust.net_Secure_Personal_CA.crt, mozilla/Entrust.net_Secure_Server_CA.crt, mozilla/Equifax_Secure_CA.crt, mozilla/Equifax_Secure_Global_eBusiness_CA.crt, mozilla/Equifax_Secure_eBusiness_CA_1.crt, mozilla/Equifax_Secure_eBusiness_CA_2.crt, mozilla/GTE_CyberTrust_Global_Root.crt, mozilla/GTE_CyberTrust_Root_CA.crt, mozilla/GeoTrust_Global_CA.crt, mozilla/GlobalSign_Root_CA.crt, mozilla/IPS_CLASE1_root.crt, mozilla/IPS_CLASE3_root.crt, mozilla/IPS_CLASEA1_root.crt, mozilla/IPS_CLASEA3_root.crt, mozilla/IPS_Chained_CAs_root.crt, mozilla/IPS_Servidores_root.crt, mozilla/IPS_Timestamping_root.crt, mozilla/QuoVadis_Root_CA.crt, mozilla/RSA_Root_Certificate_1.crt, mozilla/RSA_Security_1024_v3.crt, mozilla/RSA_Security_2048_v3.crt, mozilla/Security_Communication_Root_CA.crt, mozilla/Sonera_Class_1_Root_CA.crt, mozilla/Sonera_Class_2_Root_CA.crt, mozilla/Staat_der_Nederlanden_Root_CA.crt, mozilla/TC_TrustCenter__Germany__Class_2_CA.crt, mozilla/TC_TrustCenter__Germany__Class_3_CA.crt, mozilla/TDC_Internet_Root_CA.crt, mozilla/TDC_OCES_Root_CA.crt, mozilla/Thawte_Personal_Basic_CA.crt, mozilla/Thawte_Personal_Freemail_CA.crt, mozilla/Thawte_Personal_Premium_CA.crt, mozilla/Thawte_Premium_Server_CA.crt, mozilla/Thawte_Server_CA.crt, mozilla/Thawte_Time_Stamping_CA.crt, mozilla/UTN-USER_First-Network_Applications.crt, mozilla/UTN_DATACorp_SGC_Root_CA.crt, mozilla/UTN_USERFirst_Email_Root_CA.crt, mozilla/UTN_USERFirst_Hardware_Root_CA.crt, mozilla/UTN_USERFirst_Object_Root_CA.crt, mozilla/ValiCert_Class_1_VA.crt, mozilla/ValiCert_Class_2_VA.crt, mozilla/Verisign_Class_1_Public_Primary_Certification_Authority.crt, mozilla/Verisign_Class_1_Public_Primary_Certification_Authority_-_G2.crt, mozilla/Verisign_Class_1_Public_Primary_Certification_Authority_-_G3.crt, mozilla/Verisign_Class_1_Public_Primary_OCSP_Responder.crt, mozilla/Verisign_Class_2_Public_Primary_Certification_Authority.crt, mozilla/Verisign_Class_2_Public_Primary_Certification_Authority_-_G2.crt, mozilla/Verisign_Class_2_Public_Primary_Certification_Authority_-_G3.crt, mozilla/Verisign_Class_2_Public_Primary_OCSP_Responder.crt, mozilla/Verisign_Class_3_Public_Primary_Certification_Authority.crt, mozilla/Verisign_Class_3_Public_Primary_Certification_Authority_-_G2.crt, mozilla/Verisign_Class_3_Public_Primary_Certification_Authority_-_G3.crt, mozilla/Verisign_Class_3_Public_Primary_OCSP_Responder.crt, mozilla/Verisign_Class_4_Public_Primary_Certification_Authority_-_G2.crt, mozilla/Verisign_Class_4_Public_Primary_Certification_Authority_-_G3.crt, mozilla/Verisign_RSA_Secure_Server_CA.crt, mozilla/Verisign_Secure_Server_OCSP_Responder.crt, mozilla/Verisign_Time_Stamping_Authority_CA.crt, mozilla/Visa_International_Global_Root_2.crt, mozilla/Visa_eCommerce_Root.crt, mozilla/beTRUSTed_Root_CA-Baltimore_Implementation.crt, mozilla/beTRUSTed_Root_CA.crt, mozilla/beTRUSTed_Root_CA_-_Entrust_Implementation.crt, mozilla/beTRUSTed_Root_CA_-_RSA_Implementation.crt, cacert.org/cacert.org.crt, brasil.gov.br/brasil.gov.br.crt, signet.pl/signet_ca1_pem.crt, signet.pl/signet_ca2_pem.crt, signet.pl/signet_ca3_pem.crt, signet.pl/signet_ocspklasa2_pem.crt, signet.pl/signet_ocspklasa3_pem.crt, signet.pl/signet_pca2_pem.crt, signet.pl/signet_pca3_pem.crt, signet.pl/signet_rootca_pem.crt, signet.pl/signet_tsa1_pem.crt, quovadis.bm/QuoVadis_Root_Certification_Authority.crt"
 
 # CERTS_NEW: new certificates that will be installed
 CERTS_NEW=""

debian/control

@@ -8,7 +8,7 @@ Standards-Version: 3.5.9
 Package: ca-certificates
 Architecture: all
 Depends: openssl, ${misc:Depends}
-Enhances: libssl0.9.7, openssl
+Enhances: libssl0.9.8, openssl
 Description: Common CA Certificates PEM files
  It includes the followings PEM files of CA certificates
  .
@@ -22,3 +22,8 @@ Description: Common CA Certificates PEM files
  .
  This is useful for any openssl applications to verify
  SSL connection.
+ .
+ Note that certificate authorities whose certificates are included in
+ this package are not in any way audited for trustworthiness and RFC
+ 3647 compliance, and that full responsibility to assess them rests
+ with the user.

debian/po/da.po

@@ -9,95 +9,95 @@
 #            /usr/share/doc/po-debconf/README-trans
 #         or http://www.debian.org/intl/l10n/po-debconf/README-trans#
 #    Developers do not need to manually edit POT or PO files.
-# Claus Hindsgaul <claus_h@image.dk>, 2004.
 #
+# Claus Hindsgaul <claus_h@image.dk>, 2004.
+# Claus Hindsgaul <claus.hindsgaul@gmail.com>, 2006.
 msgid ""
 msgstr ""
 "Project-Id-Version: ca-certificates_20031007_templates\n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2004-08-08 11:28+0900\n"
-"PO-Revision-Date: 2004-02-28 19:01+0100\n"
-"Last-Translator: Claus Hindsgaul <claus_h@image.dk>\n"
-"Language-Team: Danish <dansk@klid.dk>\n"
+"POT-Creation-Date: 2006-09-09 11:47-0600\n"
+"PO-Revision-Date: 2006-09-18 08:00+0200\n"
+"Last-Translator: Claus Hindsgaul <claus.hindsgaul@gmail.com>\n"
+"Language-Team: Danish\n"
 "MIME-Version: 1.0\n"
-"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Type: text/plain; charset=ISO-8859-1\n"
 "Content-Transfer-Encoding: 8bit\n"
-"X-Generator: KBabel 1.0.2\n"
+"X-Generator: KBabel 1.11.4\n"
 
 #. Type: select
 #. Choices
-#: ../templates:3
+#: ../templates:1001
 msgid "yes, no, ask"
-msgstr "ja, nej, spørg"
+msgstr "ja, nej, spørg"
 
 #. Type: select
 #. Description
-#: ../templates:5
+#: ../templates:1002
 msgid "Trust new CAs certificates?"
-msgstr "Stol på nye CAs-certifikater?"
+msgstr "Stol på nye CAs-certifikater?"
 
 #. Type: select
 #. Description
-#: ../templates:5
+#: ../templates:1002
 msgid ""
 "This package may install new CA (Certificate Authority) certificates when "
 "upgrading.  You may want to check such new CA certificates and select only "
 "certificates that you trust."
 msgstr ""
-"Denne pakke kan installere nye CA-certifikater (Certificate Authority), når "
-"under opgraderinger. Måske vil du gerne tjekke nye CA-certifikater og kun "
-"vælge de certifikater, du stoler på."
+"Denne pakke kan installere nye CA-certifikater (Certificate Authority), når "
+"under opgraderinger. Måske vil du gerne tjekke nye CA-certifikater og kun "
+"vælge de certifikater, du stoler på."
 
 #. Type: select
 #. Description
-#: ../templates:5
+#: ../templates:1002
 msgid ""
 " - \"yes\", new CA certificates will be trusted and installed.\n"
 " - \"no\", new CA certificates will not be installed by default.\n"
-" - \"ask\", Ask you trust each new CA certificates or not"
+" - \"ask\", Ask if you trust each new CA certificates, or not."
 msgstr ""
-" - 'ja', nye CA-certifikater vil blive installeret og stolet på.\n"
-" - 'nej', nye CA-certifikater vil som udgangspunkt ikke blive installeret.\n"
-" - 'spørg', spørger om du stoler på hvert enkelt nyt CA-certifikat eller ej"
+" - \"ja\", nye CA-certifikater vil blive installeret og stolet på.\n"
+" - \"nej\", nye CA-certifikater vil som udgangspunkt ikke blive installeret.\n"
+" - \"spørg\", spørger om du vil stole på hvert enkelt nyt CA-certifikat eller ej."
 
 #. Type: multiselect
 #. Choices
-#: ../templates:16
+#: ../templates:2001
 msgid "${new_crts}"
 msgstr "${new_crts}"
 
 #. Type: multiselect
 #. Description
-#: ../templates:17
+#: ../templates:2002
 msgid "Select new certificates to activate:"
-msgstr "Vælg nyt certifikat at aktivere:"
+msgstr "Vælg nyt certifikat at aktivere:"
 
 #. Type: multiselect
 #. Description
-#: ../templates:17
+#: ../templates:2002
 msgid ""
-"In this upgrading, these new certificates are added. Do you trust these "
-"certificates and want that these certificates are installed into /etc/ssl/"
-"certs?"
+"During the upgrade, these new certificates will be added. Do you trust them "
+"and want them installed into /etc/ssl/certs?"
 msgstr ""
-"Under denne opgradering, bliver disse nye certifikater tilføjet. Stoler du "
-"på disse certifikater, og vil du have dem installeret i /etc/ssl/certs?"
+"Disse nye certifikater bliver tilføjet under opgraderingen. Stoler du "
+"på dem, og vil du have dem installeret i /etc/ssl/certs?"
 
 #. Type: multiselect
 #. Choices
-#: ../templates:24
+#: ../templates:3001
 msgid "${enable_crts}"
 msgstr "${enable_crts}"
 
 #. Type: multiselect
 #. Description
-#: ../templates:25
+#: ../templates:3002
 msgid "Select certificates to activate:"
-msgstr "Vælg certifikater at aktivere:"
+msgstr "Vælg certifikater at aktivere:"
 
 #. Type: multiselect
 #. Description
-#: ../templates:25
+#: ../templates:3002
 msgid ""
 "This package installs common CA (Certificate Authority) certificates in /usr/"
 "share/ca-certificates. You can select certs from these available certs to be "
@@ -105,6 +105,7 @@ msgid ""
 "a single file of all your selected certs, /etc/ssl/certs/ca-certificates.crt."
 msgstr ""
 "Denne pakke installerer CA-certifikater (Certificate Authority) i /usr/share/"
-"ca-certificates. Du kan vælge certifikater til installation i /etc/ssl/certs "
-"ud fra disse. Denne pakke vil oprette symbolske lænker og generere en enkelt "
+"ca-certificates. Du kan vælge certifikater til installation i /etc/ssl/certs "
+"ud fra disse. Denne pakke vil oprette symbolske lænker og generere en enkelt "
 "fil med alle dine valgte certifikater i /etc/ssl/certs/ca-certificates.crt."
+

debian/po/es.po

@@ -0,0 +1,96 @@
+# ca-certificates po-debconf translation to Spanish
+# Copyright (C) 2005 Software in the Public Interest
+# This file is distributed under the same license as the ca-certificates package.
+#
+# Changes:
+#  - Initial translation
+#         César Gómez Martín <cesar.gomez@gmail.com>
+#
+#   Traductores, si no conoce el formato PO, merece la pena leer la
+#   documentación de gettext, especialmente las secciones dedicadas a este
+#   formato, por ejemplo ejecutando:
+#          info -n '(gettext)PO Files'
+#          info -n '(gettext)Header Entry'
+# Equipo de traducción al español, por favor, lean antes de traducir
+# los siguientes documentos:
+#
+#  - El proyecto de traducción de Debian al español
+#    http://www.debian.org/intl/spanish/
+#    especialmente las notas de traducción en
+#    http://www.debian.org/intl/spanish/notas
+#
+#  - La guía de traducción de po's de debconf:
+#    /usr/share/doc/po-debconf/README-trans
+#    o http://www.debian.org/intl/l10n/po-debconf/README-trans
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: ca-certificates\n"
+"Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2004-08-08 11:28+0900\n"
+"PO-Revision-Date: 2005-08-29 16:44+0100\n"
+"Last-Translator: César Gómez Martín <cesar.gomez@gmail.com>\n"
+"Language-Team: Debian l10n spanish <debian-l10n-spanish@lists.debian.org>\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=utf-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"X-Poedit-Language: Spanish\n"
+"X-Poedit-Country: SPAIN\n"
+"X-Poedit-SourceCharset: utf-8\n"
+
+#. Type: select
+#: ../templates:3
+msgid "yes, no, ask"
+msgstr "sí, no, preguntar"
+
+#. Type: select
+#: ../templates:5
+msgid "Trust new CAs certificates?"
+msgstr "¿Confiar en los certificados de las nuevas CA?"
+
+#. Type: select
+#: ../templates:5
+msgid "This package may install new CA (Certificate Authority) certificates when upgrading.  You may want to check such new CA certificates and select only certificates that you trust."
+msgstr "Este paquete puede que instale nuevos certificados de CA (Autoridad Certificadora) al actualizarse. Quizás quiera comprobar esos nuevos certificados CA y seleccionar sólo los certificados en los que confíe."
+
+#. Type: select
+#: ../templates:5
+msgid ""
+" - \"yes\", new CA certificates will be trusted and installed.\n"
+" - \"no\", new CA certificates will not be installed by default.\n"
+" - \"ask\", Ask you trust each new CA certificates or not"
+msgstr ""
+"- «sí», se confiará en los nuevos certificados de CA y se instalarán.\n"
+"- «no», los nuevos certificados de CA no se instalarán por omisión.\n"
+"- «preguntar», se preguntará si se confía o no en cada nuevo certificado de CA."
+
+#. Type: multiselect
+#: ../templates:16
+msgid "${new_crts}"
+msgstr "${new_crts}"
+
+#. Type: multiselect
+#: ../templates:17
+msgid "Select new certificates to activate:"
+msgstr "Seleccione los nuevos certificados que quiere activar:"
+
+#. Type: multiselect
+#: ../templates:17
+msgid "In this upgrading, these new certificates are added. Do you trust these certificates and want that these certificates are installed into /etc/ssl/certs?"
+msgstr "Estos son los certificados que se añadirán en esta actualización. ¿Confía en estos certificados y quiere instalarlos en /etc/ssl/certs?"
+
+#. Type: multiselect
+#: ../templates:24
+msgid "${enable_crts}"
+msgstr "${enable_crts}"
+
+#. Type: multiselect
+#: ../templates:25
+msgid "Select certificates to activate:"
+msgstr "Seleccione los certificados que quiere activar:"
+
+#. Type: multiselect
+#: ../templates:25
+msgid "This package installs common CA (Certificate Authority) certificates in /usr/share/ca-certificates. You can select certs from these available certs to be installed into /etc/ssl/certs. This package will make symlinks and generate a single file of all your selected certs, /etc/ssl/certs/ca-certificates.crt."
+msgstr "Este paquete instala certificados de CA (Autoridad Certificadora) comunes en /usr/share/ca-certificates. Puede seleccionar certificados de entre los que estan disponibles para instalarlos en /etc/ssl/certs. Este paquete hará enlaces simbólicos y con cada uno de los certificados seleccionados generará un fichero cuya ruta es /etc/ssl/certs/ca-certificates.crt."
+

debian/po/fr.po

@@ -1,3 +1,4 @@
+# translation of fr.po to French
 #
 #    Translators, if you are not familiar with the PO format, gettext
 #    documentation is worth reading, especially sections dedicated to
@@ -11,33 +12,35 @@
 #
 #    Developers do not need to manually edit POT or PO files.
 #
+# Christian Perrier <bubulle@debian.org>, 2006.
 msgid ""
 msgstr ""
-"Project-Id-Version: ca-certificates (20030420)\n"
+"Project-Id-Version: fr\n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2004-08-08 11:28+0900\n"
-"PO-Revision-Date: 2003-09-15 08:46+0100\n"
+"POT-Creation-Date: 2006-09-05 05:02-0600\n"
+"PO-Revision-Date: 2006-09-05 23:03+0200\n"
 "Last-Translator: Christian Perrier <bubulle@debian.org>\n"
 "Language-Team: French <debian-l10n-french@lists.debian.org>\n"
 "MIME-Version: 1.0\n"
-"Content-Type: text/plain; charset=iso-8859-15\n"
+"Content-Type: text/plain; charset=ISO-8859-15\n"
 "Content-Transfer-Encoding: 8bit\n"
+"X-Generator: KBabel 1.11.4\n"
 
 #. Type: select
 #. Choices
-#: ../templates:3
+#: ../templates:1001
 msgid "yes, no, ask"
 msgstr "Oui, Non, Demander"
 
 #. Type: select
 #. Description
-#: ../templates:5
+#: ../templates:1002
 msgid "Trust new CAs certificates?"
-msgstr "Faut-il agréer les certificats des nouveaux tiers de confiance ?"
+msgstr "Faut-il accepter les certificats des nouveaux tiers de confiance ?"
 
 #. Type: select
 #. Description
-#: ../templates:5
+#: ../templates:1002
 msgid ""
 "This package may install new CA (Certificate Authority) certificates when "
 "upgrading.  You may want to check such new CA certificates and select only "
@@ -45,18 +48,18 @@ msgid ""
 msgstr ""
 "Ce paquet peut installer des certificats de nouveaux tiers de confiance "
 "(« Certificate Authority ») lors de ses mises à jour. Vous pouvez souhaiter "
-"vérifier de tels nouveaux certificats et ne choisir que ceux que vous agréez."
+"vérifier ces nouveaux certificats et ne choisir que ceux que vous acceptez."
 
 #. Type: select
 #. Description
-#: ../templates:5
+#: ../templates:1002
 msgid ""
 " - \"yes\", new CA certificates will be trusted and installed.\n"
 " - \"no\", new CA certificates will not be installed by default.\n"
-" - \"ask\", Ask you trust each new CA certificates or not"
+" - \"ask\", Ask if you trust each new CA certificates, or not."
 msgstr ""
 "- si vous choisissez « Oui », les nouveaux certificats seront\n"
-"  agréés et installés ;\n"
+"  acceptés et installés ;\n"
 "- si vous choisissez « Non », les nouveaux certificats ne seront\n"
 "  pas installés par défaut ;\n"
 "- si vous choisissez « Demander », l'agrément de chacun des\n"
@@ -64,43 +67,42 @@ msgstr ""
 
 #. Type: multiselect
 #. Choices
-#: ../templates:16
+#: ../templates:2001
 msgid "${new_crts}"
 msgstr "${new_crts}"
 
 #. Type: multiselect
 #. Description
-#: ../templates:17
+#: ../templates:2002
 msgid "Select new certificates to activate:"
-msgstr "Veuillez choisir les nouveaux certificats qui seront agréés"
+msgstr "Nouveaux certificats à accepter :"
 
 #. Type: multiselect
 #. Description
-#: ../templates:17
+#: ../templates:2002
 msgid ""
-"In this upgrading, these new certificates are added. Do you trust these "
-"certificates and want that these certificates are installed into /etc/ssl/"
-"certs?"
+"During the upgrade, these new certificates will be added. Do you trust them "
+"and want them installed into /etc/ssl/certs?"
 msgstr ""
-"Lors de cette mise à jour, voici les nouveaux certificats qui sont apparus. "
-"Agréez-vous ces certificats ? Les certificats agréés seront placés dans /etc/"
+"Lors de cette mise à jour, de nouveaux certificats ont été ajoutés. "
+"Veuillez choisir si vous les acceptez, pour qu'ils soient placés dans /etc/"
 "ssl/certs."
 
 #. Type: multiselect
 #. Choices
-#: ../templates:24
+#: ../templates:3001
 msgid "${enable_crts}"
 msgstr "${enable_crts}"
 
 #. Type: multiselect
 #. Description
-#: ../templates:25
+#: ../templates:3002
 msgid "Select certificates to activate:"
-msgstr "Veuillez choisir les certificats qui seront agréés."
+msgstr "Certificats à accepter :"
 
 #. Type: multiselect
 #. Description
-#: ../templates:25
+#: ../templates:3002
 msgid ""
 "This package installs common CA (Certificate Authority) certificates in /usr/"
 "share/ca-certificates. You can select certs from these available certs to be "
@@ -112,3 +114,4 @@ msgstr ""
 "vous agréez et qui seront installés dans /etc/ssl/certs. Ce paquet créera "
 "des liens symboliques et générera un seul fichier, /etc/ssl/certs/ca-"
 "certificates.crt, avec les certificats choisis."
+

debian/po/nl.po

@@ -1,3 +1,4 @@
+# translation of ca-certificates_20060816_nl.po to Dutch
 # translation of ca-certificates_20031007_nl.po to Dutch
 #
 #    Translators, if you are not familiar with the PO format, gettext
@@ -9,36 +10,36 @@
 #            /usr/share/doc/po-debconf/README-trans
 #         or http://www.debian.org/intl/l10n/po-debconf/README-trans#
 #    Developers do not need to manually edit POT or PO files.
-# Frans Pop <aragorn@tiscali.nl>, 2004.
+# Frans Pop <aragorn@tiscali.nl>, 2004, 2006.
 #
 msgid ""
 msgstr ""
-"Project-Id-Version: ca-certificates_20031007_nl\n"
+"Project-Id-Version: ca-certificates_20060816_nl\n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2004-08-08 11:28+0900\n"
-"PO-Revision-Date: 2004-03-14 23:39+0100\n"
+"POT-Creation-Date: 2006-09-09 11:47-0600\n"
+"PO-Revision-Date: 2006-09-10 02:22+0200\n"
 "Last-Translator: Frans Pop <aragorn@tiscali.nl>\n"
 "Language-Team: Dutch <debian-l10n-dutch@lists.debian.org>\n"
 "MIME-Version: 1.0\n"
 "Content-Type: text/plain; charset=UTF-8\n"
 "Content-Transfer-Encoding: 8bit\n"
-"X-Generator: KBabel 1.3\n"
+"X-Generator: KBabel 1.9.1\n"
 
 #. Type: select
 #. Choices
-#: ../templates:3
+#: ../templates:1001
 msgid "yes, no, ask"
 msgstr "ja, nee, vraag"
 
 #. Type: select
 #. Description
-#: ../templates:5
+#: ../templates:1002
 msgid "Trust new CAs certificates?"
 msgstr "Nieuwe CA certificaten vertrouwen?"
 
 #. Type: select
 #. Description
-#: ../templates:5
+#: ../templates:1002
 msgid ""
 "This package may install new CA (Certificate Authority) certificates when "
 "upgrading.  You may want to check such new CA certificates and select only "
@@ -51,56 +52,55 @@ msgstr ""
 
 #. Type: select
 #. Description
-#: ../templates:5
+#: ../templates:1002
 msgid ""
 " - \"yes\", new CA certificates will be trusted and installed.\n"
 " - \"no\", new CA certificates will not be installed by default.\n"
-" - \"ask\", Ask you trust each new CA certificates or not"
+" - \"ask\", Ask if you trust each new CA certificates, or not."
 msgstr ""
-" - `ja', nieuwe CA certificaten vertrouwen en installeren;\n"
-" - `nee', nieuwe CA certificaten niet standaard installeren;\n"
-" - `vraag', voor elk nieuw CA certificaat wordt u gevraagd of u het "
+" - \"ja\", nieuwe CA certificaten vertrouwen en installeren;\n"
+" - \"nee\", nieuwe CA certificaten niet standaard installeren;\n"
+" - \"vraag\", voor elk nieuw CA certificaat wordt u gevraagd of u het "
 "vertrouwt."
 
 #. Type: multiselect
 #. Choices
-#: ../templates:16
+#: ../templates:2001
 msgid "${new_crts}"
 msgstr "${new_crts}"
 
 #. Type: multiselect
 #. Description
-#: ../templates:17
+#: ../templates:2002
 msgid "Select new certificates to activate:"
 msgstr "Selecteer de te activeren nieuwe certificaten:"
 
 #. Type: multiselect
 #. Description
-#: ../templates:17
+#: ../templates:2002
 msgid ""
-"In this upgrading, these new certificates are added. Do you trust these "
-"certificates and want that these certificates are installed into /etc/ssl/"
-"certs?"
+"During the upgrade, these new certificates will be added. Do you trust them "
+"and want them installed into /etc/ssl/certs?"
 msgstr ""
-"Tijdens deze installatie worden onderstaande nieuwe certificaten toegevoegd. "
+"Tijdens deze installatie worden de volgende nieuwe certificaten toegevoegd. "
 "Vertrouwt u deze certificaten en wilt u dat deze certificaten worden "
 "geïnstalleerd in '/etc/ssl/certs'?"
 
 #. Type: multiselect
 #. Choices
-#: ../templates:24
+#: ../templates:3001
 msgid "${enable_crts}"
 msgstr "${enable_crts}"
 
 #. Type: multiselect
 #. Description
-#: ../templates:25
+#: ../templates:3002
 msgid "Select certificates to activate:"
 msgstr "Selecteer de te activeren certificaten:"
 
 #. Type: multiselect
 #. Description
-#: ../templates:25
+#: ../templates:3002
 msgid ""
 "This package installs common CA (Certificate Authority) certificates in /usr/"
 "share/ca-certificates. You can select certs from these available certs to be "
@@ -113,3 +113,4 @@ msgstr ""
 "zal symbolische koppelingen leggen en een bestand, '/etc/ssl/certs/ca-"
 "certificates.crt', genereren met daarin alle door u geselecteerde "
 "certificaten."
+

debian/po/sv.po

@@ -0,0 +1,107 @@
+# Translators, if you are not familiar with the PO format, gettext
+# documentation is worth reading, especially sections dedicated to
+# this format, e.g. by running:
+# info -n '(gettext)PO Files'
+# info -n '(gettext)Header Entry'
+# Some information specific to po-debconf are available at
+# /usr/share/doc/po-debconf/README-trans
+# or http://www.debian.org/intl/l10n/po-debconf/README-trans
+# Developers do not need to manually edit POT or PO files.
+# , fuzzy
+# 
+# 
+msgid ""
+msgstr ""
+"Project-Id-Version: ca-certificates 20050804\n"
+"Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2004-08-08 11:28+0900\n"
+"PO-Revision-Date: 2005-09-30 22:50-0700\n"
+"Last-Translator: Daniel Nylander <po@danielnylander.se>\n"
+"Language-Team: Swedish <sv@li.org>\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=iso-8859-1\n"
+"Content-Transfer-Encoding: 8bit"
+
+#. Type: select
+#. Choices
+#: ../templates:3
+msgid "yes, no, ask"
+msgstr "ja, nej, fråga"
+
+#. Type: select
+#. Description
+#: ../templates:5
+msgid "Trust new CAs certificates?"
+msgstr "Lita på nya CA-certifikat?"
+
+#. Type: select
+#. Description
+#: ../templates:5
+msgid ""
+"This package may install new CA (Certificate Authority) certificates when "
+"upgrading.  You may want to check such new CA certificates and select only "
+"certificates that you trust."
+msgstr ""
+"Detta paket kan installera nya CA (Certificate Authority)-certifikat vid uppgradering.  "
+"Du kanske vill kontrollera de nya CA-certifikaten och välj bara de certifikat som du litar på."
+
+#. Type: select
+#. Description
+#: ../templates:5
+msgid ""
+" - \"yes\", new CA certificates will be trusted and installed.\n"
+" - \"no\", new CA certificates will not be installed by default.\n"
+" - \"ask\", Ask you trust each new CA certificates or not"
+msgstr ""
+" - \"ja\", nya CA-certifikat kommer att litas på och installeras.\n"
+" - \"nej\", nya CA-certifikat kommer inte att installeras som standard.\n"
+" - \"fråga\", Fråga om du ska lita på nya CA-certifikat eller inte"
+
+#. Type: multiselect
+#. Choices
+#: ../templates:16
+msgid "${new_crts}"
+msgstr "${new_crts}"
+
+#. Type: multiselect
+#. Description
+#: ../templates:17
+msgid "Select new certificates to activate:"
+msgstr "Välj ett nytt certifikat som ska aktiveras:"
+
+#. Type: multiselect
+#. Description
+#: ../templates:17
+msgid ""
+"In this upgrading, these new certificates are added. Do you trust these "
+"certificates and want that these certificates are installed into /etc/ssl/"
+"certs?"
+msgstr ""
+"I denna uppgradering kommer dessa nya certifikat att läggas till. Litar du på dessa certifikat och vill att dessa certifikat ska installeras till /etc/ssl/certs?"
+
+#. Type: multiselect
+#. Choices
+#: ../templates:24
+msgid "${enable_crts}"
+msgstr "${enable_crts}"
+
+#. Type: multiselect
+#. Description
+#: ../templates:25
+msgid "Select certificates to activate:"
+msgstr "Välj certfikat som ska aktiveras:"
+
+#. Type: multiselect
+#. Description
+#: ../templates:25
+msgid ""
+"This package installs common CA (Certificate Authority) certificates in /usr/"
+"share/ca-certificates. You can select certs from these available certs to be "
+"installed into /etc/ssl/certs. This package will make symlinks and generate "
+"a single file of all your selected certs, /etc/ssl/certs/ca-certificates.crt."
+msgstr ""
+"Detta paket installerar allmänna CA (Certificate Authority)-certifikat i /usr/"
+"share/ca-certificates. Du kan välja certifikat bland dessa tillgängliga certifikat "
+"för att installeras till /etc/ssl/certs. Detta paket kommer att göra symboliska "
+"länkar och generera en enda fil av alla dina valda certifikat, /etc/ssl/certs/ca-certificates.crt."
+

debian/postinst

@@ -104,13 +104,13 @@ case "$1" in
 	  # new file
 	  cat > /etc/ca-certificates.conf <<EOF
 # This file lists certificates that you wish to use or to ignore to be
-# installed in /etc/ssl/certs. 
+# installed in /etc/ssl/certs.
 # update-ca-certificates(8) will update /etc/ssl/certs by reading this file.
-# 
+#
 # This is autogenerated by dpkg-reconfigure ca-certificates.
-# certificates shoule be installed under /usr/share/ca-certificates
+# Certificates should be installed under /usr/share/ca-certificates
 # and files with extension '.crt' is recognized as available certs.
-# 
+#
 # line begins with # is comment.
 # line begins with ! is certificate filename to be deselected.
 #

debian/postrm

@@ -28,8 +28,8 @@ case "$1" in
        ;;
 
     purge)
-       rm -f /etc/ssl/certs/ca-certificates.crt
-       rm -f /etc/ca-certificates.conf
+       rm -f /etc/ssl/certs/ca-certificates.crt*
+       rm -f /etc/ca-certificates.conf*
        if test -e /usr/share/debconf/confmodule; then
          . /usr/share/debconf/confmodule
          db_purge

debian/templates

@@ -9,15 +9,14 @@ _Description: Trust new CAs certificates?
  .
   - "yes", new CA certificates will be trusted and installed.
   - "no", new CA certificates will not be installed by default.
-  - "ask", Ask you trust each new CA certificates or not
+  - "ask", Ask if you trust each new CA certificates, or not.
 
 Template: ca-certificates/new_crts
 Type: multiselect
 _Choices: ${new_crts}
 _Description: Select new certificates to activate:
- In this upgrading, these new certificates are added. Do you trust these
- certificates and want that these certificates are installed into
- /etc/ssl/certs?
+ During the upgrade, these new certificates will be added. Do you
+ trust them and want them installed into /etc/ssl/certs?
 
 Template: ca-certificates/enable_crts
 Type: multiselect

mozilla/certdata2pem.rb

@@ -2,7 +2,10 @@
 
 while line = $stdin.gets
   next if line =~ /^#/
-  next if line =~ /^\s*$/
+  if line =~ /^\s*$/
+     fname = nil
+     next
+  end
   line.chomp!
   if line =~ /CKA_LABEL/
     label,type,val = line.split(' ',3)
@@ -12,9 +15,13 @@ while line = $stdin.gets
     next
   end
   if line =~ /CKA_VALUE MULTILINE_OCTAL/
+    if fname.nil?
+      puts "E: unexpected CKA_VALUE MULTILINE_OCTAL"
+      next
+    end
     data=''
     while line = $stdin.gets
-      break if /^END/
+      break if line =~ /^END/
       line.chomp!
       line.gsub(/\\([0-3][0-7][0-7])/) { data += $1.oct.chr }
     end

sbin/update-ca-certificates

@@ -41,7 +41,16 @@ CERTBUNDLE=ca-certificates.crt
 cd /etc/ssl/certs
 if [ "$fresh" = 1 ]; then
   echo -n "Clearing symlinks in /etc/ssl/certs..."
-  find . -type l -print0 | xargs -0 rm -f
+  find . -type l -print | while read symlink
+  do
+     case $(readlink $symlink) in
+     $CERTSDIR*) rm -f $symlink;;
+     esac
+  done
+  find . -type l -print | while read symlink
+  do
+     test -f $symlink || rm -f $symlink
+  done
   echo "done."
 fi
 echo -n "Updating certificates in /etc/ssl/certs...."

spi-inc.org/SPI_CA_2006-cacert.crt

@@ -0,0 +1,35 @@
+-----BEGIN CERTIFICATE-----
+MIIGFTCCBX6gAwIBAgIBEDANBgkqhkiG9w0BAQUFADCBvjELMAkGA1UEBhMCVVMx
+EDAOBgNVBAgTB0luZGlhbmExFTATBgNVBAcTDEluZGlhbmFwb2xpczEoMCYGA1UE
+ChMfU29mdHdhcmUgaW4gdGhlIFB1YmxpYyBJbnRlcmVzdDETMBEGA1UECxMKaG9z
+dG1hc3RlcjEgMB4GA1UEAxMXQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxJTAjBgkq
+hkiG9w0BCQEWFmhvc3RtYXN0ZXJAc3BpLWluYy5vcmcwHhcNMDYwODE2MjA0NjUy
+WhcNMTYwODEzMjA0NjUyWjCBvDELMAkGA1UEBhMCVVMxEDAOBgNVBAgTB0luZGlh
+bmExFTATBgNVBAcTDEluZGlhbmFwb2xpczEoMCYGA1UEChMfU29mdHdhcmUgaW4g
+dGhlIFB1YmxpYyBJbnRlcmVzdDETMBEGA1UECxMKSG9zdG1hc3RlcjEeMBwGA1UE
+AxMVQ2VydGlmaWNhdGUgQXV0aG9yaXR5MSUwIwYJKoZIhvcNAQkBFhZob3N0bWFz
+dGVyQHNwaS1pbmMub3JnMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA
+uTlCOrOYvCe0Qszlz90rVIQkS2UDa7R+qCTkRE5ipKC+3OZXGgv2EOYk/IOuCE3D
+8+tlTAl8MwvmwOHgL0GWnjoluR95narhNiV9Px8xyL2Z8kctwrWXbEii0Ot48VcN
+IQMDW5GK8Ww5puMKZr8+bXF2HFzkt8gwaCtrojcF4fLGcm3//bR13CKWbOzacANZ
+gAi00pD70ppjJU/uNVOe5HX6x/Id+50G6jwasanEzhteYJdbbHaMqrL4J6XbTwgJ
+ZciB0ifOZkwTBvQiRJpTkTWPyn/HptMbJGOwwiNbcgtWV7QVLW1GB3HYVum47Zwp
+XcXVM4Fs4XLwfx1Ti87LGdAJJYDS5K1F2prHKW5MsmFLJg61Nd6dZPRDLJLaOPEq
+0Jxa1NdfDjJ8rXOIcuLRAozjBui23vUhfOW9z4kpVIg+c+ylV2Oh/7f+fO731P7E
+AqsTFmiU7svcvkm2OKslolpnQ+pqGFLM4laQE/Q0kjogm7LiOpRssBW/ZfZ7pPLZ
+Ru0/AXrgKwQIM8mLazwlD3wHKPRElhIkxSv4qZ95zgJo6ky/7BpzZ/OAlz3BICbN
+WQhW/MBQVFiC6ivhjDq3AzgyykLShB0eIMRN0SBfTy3/aNfIJbqLmTNookXPoSP7
++mg5OVzVBvDv5ZskWSl8kJB1DzJbN+DOr/i8V3Ugl90CAwEAAaOCAZ0wggGZMB0G
+A1UdDgQWBBTON+buqfoMXkWdtvObUS11tnY77DCB6wYDVR0jBIHjMIHggBQHrehB
+HX+91r8bgXo/jEuI3gTS+qGBxKSBwTCBvjELMAkGA1UEBhMCVVMxEDAOBgNVBAgT
+B0luZGlhbmExFTATBgNVBAcTDEluZGlhbmFwb2xpczEoMCYGA1UEChMfU29mdHdh
+cmUgaW4gdGhlIFB1YmxpYyBJbnRlcmVzdDETMBEGA1UECxMKaG9zdG1hc3RlcjEg
+MB4GA1UEAxMXQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxJTAjBgkqhkiG9w0BCQEW
+Fmhvc3RtYXN0ZXJAc3BpLWluYy5vcmeCAQAwDwYDVR0TAQH/BAUwAwEB/zARBglg
+hkgBhvhCAQEEBAMCAQYwCQYDVR0SBAIwADArBglghkgBhvhCAQ0EHhYcVGlueUNB
+IEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAhBgNVHREEGjAYgRZob3N0bWFzdGVyQHNw
+aS1pbmMub3JnMAsGA1UdDwQEAwIBBjANBgkqhkiG9w0BAQUFAAOBgQA5HQcqwPE/
+RaN8cb8H1G34rkvSEsj4l8UIivMFEWIKnF3SQT8KVcD7j/eJuhMazwRlTs8Rnu6V
+/uTC10w7SS6gELwDqAzR4PiXTzfkW8OJemyQn6JWXKfq2pR1n4fvwEn7htjeNS69
+iFKlFXyE9j2jhGaps1CKHfe1YX0MuwO4Jw==
+-----END CERTIFICATE-----

spi-inc.org/SPI_CA_2006-cacert.eml

@@ -0,0 +1,121 @@
+Return-Path: <ukai@lists.debian.or.jp>
+X-Original-To: ukai@ukai.jp
+Delivered-To: ukai@ukai.jp
+Received: from osdn.debian.or.jp (osdn.debian.or.jp [61.215.208.41])
+	by mint.ukai.jp (Postfix) with ESMTP id 206B7D41E6
+	for <ukai@ukai.jp>; Thu, 17 Aug 2006 06:02:29 +0900 (JST)
+Received: by osdn.debian.or.jp (Postfix, from userid 1001)
+	id EDABBC31A6; Thu, 17 Aug 2006 06:02:30 +0900 (JST)
+X-Return-Path: <schultmc@amellus.com>
+X-Original-To: ukai@debian.or.jp
+Delivered-To: ukai@debian.or.jp
+Received: from mx1.amellus.net (tanzanite.amellus.net [72.232.8.122])
+	by osdn.debian.or.jp (Postfix) with ESMTP id 8AC35C31A6
+	for <ukai@debian.or.jp>; Thu, 17 Aug 2006 06:02:28 +0900 (JST)
+Received: from localhost (localhost.localdomain [127.0.0.1])
+	by mx1.amellus.net (Postfix) with ESMTP id CC4DF12C20A;
+	Wed, 16 Aug 2006 16:02:19 -0500 (CDT)
+X-Virus-Scanned: by AWESOM-O (Amavis-new,ClamAV) at mx1.amellus.net
+X-Spam-Score: -102.441
+X-Spam-Level: 
+X-Spam-Status: No, score=-102.441 tagged_above=-999 required=4.2
+	tests=[AWL=0.024, BAYES_00=-2.599, FORGED_RCVD_HELO=0.135,
+	SPF_PASS=-0.001, UPPERCASE_25_50=0, USER_IN_WHITELIST=-100]
+Received: from mx1.amellus.net ([127.0.0.1])
+	by localhost (tanzanite.amellus.net [127.0.0.1]) (amavisd-new, port 10024)
+	with ESMTP id Dpf+8VjxZOkr; Wed, 16 Aug 2006 16:02:11 -0500 (CDT)
+Received: from cartman.hq.amellus.com (c-68-58-138-203.hsd1.in.comcast.net [68.58.138.203])
+	by mx1.amellus.net (Postfix) with ESMTP id 72CE512C17F;
+	Wed, 16 Aug 2006 16:02:11 -0500 (CDT)
+Received: by cartman.hq.amellus.com (Postfix, from userid 1000)
+	id 87D66479DE; Wed, 16 Aug 2006 17:03:13 -0400 (EDT)
+Date: Wed, 16 Aug 2006 17:03:13 -0400
+From: Michael Schultheiss <schultmc@spi-inc.org>
+To: Fumitoshi UKAI <ukai@debian.or.jp>
+Cc: hostmaster@spi-inc.org
+Subject: spi-inc.org CA certificate
+Message-ID: <20060816210313.GD6360@amellus.com>
+MIME-Version: 1.0
+Content-Type: multipart/signed; micalg=pgp-sha1;
+	protocol="application/pgp-signature"; boundary="+g7M9IMkV8truYOl"
+Content-Disposition: inline
+User-Agent: Mutt/1.5.12-2006-07-14
+X-Bogosity: Ham, tests=bogofilter, spamicity=0.296304, version=0.94.4
+
+
+--+g7M9IMkV8truYOl
+Content-Type: multipart/mixed; boundary="pf9I7BMVVzbSWLtt"
+Content-Disposition: inline
+
+
+--pf9I7BMVVzbSWLtt
+Content-Type: text/plain; charset=us-ascii
+Content-Disposition: inline
+Content-Transfer-Encoding: quoted-printable
+
+The current SPI CA certificate expires on 2007-01-14.  I have generated
+a new SPI CA certificate, signed by the current SPI CA certificate, that
+expires on 2016-08-13 (attached).  The new certificate should be
+included in the Debian ca-certificates package ASAP.
+
+--=20
+----------------------------
+Michael Schultheiss
+E-mail: schultmc@spi-inc.org
+
+--pf9I7BMVVzbSWLtt
+Content-Type: text/plain; charset=us-ascii
+Content-Disposition: attachment; filename="SPI_CA_2006-cacert.pem"
+
+-----BEGIN CERTIFICATE-----
+MIIGFTCCBX6gAwIBAgIBEDANBgkqhkiG9w0BAQUFADCBvjELMAkGA1UEBhMCVVMx
+EDAOBgNVBAgTB0luZGlhbmExFTATBgNVBAcTDEluZGlhbmFwb2xpczEoMCYGA1UE
+ChMfU29mdHdhcmUgaW4gdGhlIFB1YmxpYyBJbnRlcmVzdDETMBEGA1UECxMKaG9z
+dG1hc3RlcjEgMB4GA1UEAxMXQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxJTAjBgkq
+hkiG9w0BCQEWFmhvc3RtYXN0ZXJAc3BpLWluYy5vcmcwHhcNMDYwODE2MjA0NjUy
+WhcNMTYwODEzMjA0NjUyWjCBvDELMAkGA1UEBhMCVVMxEDAOBgNVBAgTB0luZGlh
+bmExFTATBgNVBAcTDEluZGlhbmFwb2xpczEoMCYGA1UEChMfU29mdHdhcmUgaW4g
+dGhlIFB1YmxpYyBJbnRlcmVzdDETMBEGA1UECxMKSG9zdG1hc3RlcjEeMBwGA1UE
+AxMVQ2VydGlmaWNhdGUgQXV0aG9yaXR5MSUwIwYJKoZIhvcNAQkBFhZob3N0bWFz
+dGVyQHNwaS1pbmMub3JnMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA
+uTlCOrOYvCe0Qszlz90rVIQkS2UDa7R+qCTkRE5ipKC+3OZXGgv2EOYk/IOuCE3D
+8+tlTAl8MwvmwOHgL0GWnjoluR95narhNiV9Px8xyL2Z8kctwrWXbEii0Ot48VcN
+IQMDW5GK8Ww5puMKZr8+bXF2HFzkt8gwaCtrojcF4fLGcm3//bR13CKWbOzacANZ
+gAi00pD70ppjJU/uNVOe5HX6x/Id+50G6jwasanEzhteYJdbbHaMqrL4J6XbTwgJ
+ZciB0ifOZkwTBvQiRJpTkTWPyn/HptMbJGOwwiNbcgtWV7QVLW1GB3HYVum47Zwp
+XcXVM4Fs4XLwfx1Ti87LGdAJJYDS5K1F2prHKW5MsmFLJg61Nd6dZPRDLJLaOPEq
+0Jxa1NdfDjJ8rXOIcuLRAozjBui23vUhfOW9z4kpVIg+c+ylV2Oh/7f+fO731P7E
+AqsTFmiU7svcvkm2OKslolpnQ+pqGFLM4laQE/Q0kjogm7LiOpRssBW/ZfZ7pPLZ
+Ru0/AXrgKwQIM8mLazwlD3wHKPRElhIkxSv4qZ95zgJo6ky/7BpzZ/OAlz3BICbN
+WQhW/MBQVFiC6ivhjDq3AzgyykLShB0eIMRN0SBfTy3/aNfIJbqLmTNookXPoSP7
++mg5OVzVBvDv5ZskWSl8kJB1DzJbN+DOr/i8V3Ugl90CAwEAAaOCAZ0wggGZMB0G
+A1UdDgQWBBTON+buqfoMXkWdtvObUS11tnY77DCB6wYDVR0jBIHjMIHggBQHrehB
+HX+91r8bgXo/jEuI3gTS+qGBxKSBwTCBvjELMAkGA1UEBhMCVVMxEDAOBgNVBAgT
+B0luZGlhbmExFTATBgNVBAcTDEluZGlhbmFwb2xpczEoMCYGA1UEChMfU29mdHdh
+cmUgaW4gdGhlIFB1YmxpYyBJbnRlcmVzdDETMBEGA1UECxMKaG9zdG1hc3RlcjEg
+MB4GA1UEAxMXQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxJTAjBgkqhkiG9w0BCQEW
+Fmhvc3RtYXN0ZXJAc3BpLWluYy5vcmeCAQAwDwYDVR0TAQH/BAUwAwEB/zARBglg
+hkgBhvhCAQEEBAMCAQYwCQYDVR0SBAIwADArBglghkgBhvhCAQ0EHhYcVGlueUNB
+IEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAhBgNVHREEGjAYgRZob3N0bWFzdGVyQHNw
+aS1pbmMub3JnMAsGA1UdDwQEAwIBBjANBgkqhkiG9w0BAQUFAAOBgQA5HQcqwPE/
+RaN8cb8H1G34rkvSEsj4l8UIivMFEWIKnF3SQT8KVcD7j/eJuhMazwRlTs8Rnu6V
+/uTC10w7SS6gELwDqAzR4PiXTzfkW8OJemyQn6JWXKfq2pR1n4fvwEn7htjeNS69
+iFKlFXyE9j2jhGaps1CKHfe1YX0MuwO4Jw==
+-----END CERTIFICATE-----
+
+--pf9I7BMVVzbSWLtt--
+
+--+g7M9IMkV8truYOl
+Content-Type: application/pgp-signature; name="signature.asc"
+Content-Description: Digital signature
+Content-Disposition: inline
+
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v1.4.5 (GNU/Linux)
+
+iD8DBQFE44gRyJBzD6P54w4RAkuOAJ4xN0tA3aw9CjFJKpbLy4G/OliU7ACdEbEB
+4Mnt8skHQ+OQVDtsyVySyg4=
+=Xztd
+-----END PGP SIGNATURE-----
+
+--+g7M9IMkV8truYOl--