ca-certificates (20090708) unstable; urgency=low

  * Removed CA files:
    - cacert.org/root.crt and cacert.org/class3.crt:
      Both certificate files were deprecated with 20080809.  Users of these
      root certificates are encouraged to switch to
      `cacert.org/cacert.org.crt' which contains both class 1 and class 3
      roots joined in a single file.
    - quovadis.bm/QuoVadis_Root_Certification_Authority.crt:
      This certificate has been added into the Mozilla truststore and
      is available as `mozilla/QuoVadis_Root_CA.crt'.

 -- Philipp Kern <pkern@debian.org>  Wed, 08 Jul 2009 23:19:56 +0200

ca-certificates (20090701) unstable; urgency=low

  * Readded Equifax Secure Global eBusiness CA.

 -- Philipp Kern <pkern@debian.org>  Wed, 01 Jul 2009 14:47:02 +0200

ca-certificates (20090624) unstable; urgency=low

  * This update eases the installation of local certification authorities
    by providing a canonical location in `/usr/local/share/ca-certificates'.
    All certificates found in this directory will automatically be included
    into the list of trusted certificates.  For details please see
    `/usr/share/doc/ca-certificates/README.Debian'.
  * New CA certificates:
    - COMODO ECC Certification Authority
    - DigiNotar Root CA
    - Network Solutions Certificate Authority
    - WellsSecure Public Root Certificate Authority
  * Removed CA certificates:
    - Equifax Secure Global eBusiness CA
    - UTN USERFirst Object Root CA

 -- Philipp Kern <pkern@debian.org>  Wed, 24 Jun 2009 21:04:45 +0200

ca-certificates (20080809) unstable; urgency=low

  * New cacert.org.pem joining both CACert Class 1 and Class 3 certificates.
    This file can be used for proper certificate chaining if CACert
    server certificates are used.  The old class3.pem and root.pem
    certificates are deprecated.  This new file could safely serve as
    a replacement for both.

 -- Philipp Kern <pkern@debian.org>  Sat, 09 Aug 2008 14:58:24 -0300

ca-certificates (20080617) unstable; urgency=low

  * New CA certificates:
    - gouv.fr: added French Government's IGC/A CA
    - spi-inc.org: added new SPI CA certificate, created in reponse to
      the infamous OpenSSL security update (already in 20080514)
  * Removed CA certificates:
    - spi-inc.org: removed old, still valid but possibly compromised
      SPI CA certificates from 2006 and 2007 (already in 20080514)

 -- Philipp Kern <pkern@debian.org>  Fri, 20 Jun 2008 10:05:49 +0200

ca-certificates (20080411) unstable; urgency=low

  * New CA certificates:
    - spi-inc.org: current SPI CA certificate
    - telesec.de: added Deutsche Telekom Root CA 2
    - mozilla:
      + Camerfirma Chambers of Commerce Root
      + Camerfirma Global Chambersign Root
      + Certplus Class 2 Primary CA
      + COMODO Certification Authority
      + DigiCert Assured ID Root CA
      + DigiCert Global Root CA
      + DigiCert High Assurance EV Root CA
      + DST ACES CA X6
      + DST Root CA X3
      + Entrust Root Certification Authority
      + Firmaprofesional Root CA
      + GeoTrust Global CA 2
      + GeoTrust Primary Certification Authority
      + GeoTrust Universal CA
      + GeoTrust Universal CA 2
      + GlobalSign Root CA - R2
      + Go Daddy Class 2 CA
      + NetLock Business (Class B) Root
      + NetLock Express (Class C) Root
      + NetLock Notary (Class A) Root
      + NetLock Qualified (Class QA) Root
      + QuoVadis Root CA 2
      + QuoVadis Root CA 3
      + Secure Global CA
      + SecureTrust CA
      + Starfield Class 2 CA
      + StartCom Certification Authority
      + StartCom Ltd.
      + Swisscom Root CA 1
      + SwissSign Gold CA - G2
      + SwissSign Platinum CA - G2
      + SwissSign Silver CA - G2
      + Taiwan GRCA
      + thawte Primary Root CA
      + TURKTRUST Certificate Services Provider Root 1
      + TURKTRUST Certificate Services Provider Root 2
      + VeriSign Class 3 Public Primary Certification Authority - G5
      + Wells Fargo Root CA
      + XRamp Global CA Root
  * Removed CA certificates:
    - mozilla:
      + Verisign Class 1 Public Primary OCSP Responder
      + Verisign Class 2 Public Primary OCSP Responder
      + Verisign Class 3 Public Primary OCSP Responder
      + Verisign Secure Server OCSP Responder

 -- Philipp Kern <pkern@debian.org>  Mon, 07 Apr 2008 18:00:06 +0200

ca-certificates (20070303) unstable; urgency=low

  * New CA certificates:
    - debconf.org: DebConf
    - cacert.org: add class3

 -- Fumitoshi UKAI <ukai@debian.or.jp>  Sat,  3 Mar 2007 21:21:50 -0800

ca-certificates (20040808) unstable; urgency=low

  * New CA certificates:
   - brasil.gov.gr: Autoridade Certificadora Raiz Brasileira
   - signet.pl: Certification Center Signet (CC Signet)
   - quovadis.bm: QuoVadis CA certificates
  * Remove CA certificates:
   - debian.org: revoked due to crack incident.

 -- Fumitoshi UKAI <ukai@debian.or.jp>  Sun,  8 Aug 2004 22:43:36 +0900

