svn commit: r47312 - head/en_US.ISO8859-1/books/handbook/mirrors

Peter Wemm peter at FreeBSD.org
Thu Aug 27 01:04:04 UTC 2015


Author: peter (src committer)
Date: Thu Aug 27 01:04:03 2015
New Revision: 47312
URL: https://svnweb.freebsd.org/changeset/doc/47312

Log:
  Re-add the legacy fingerprints with warnings that they are deprecated.

Modified:
  head/en_US.ISO8859-1/books/handbook/mirrors/chapter.xml

Modified: head/en_US.ISO8859-1/books/handbook/mirrors/chapter.xml
==============================================================================
--- head/en_US.ISO8859-1/books/handbook/mirrors/chapter.xml	Wed Aug 26 16:54:58 2015	(r47311)
+++ head/en_US.ISO8859-1/books/handbook/mirrors/chapter.xml	Thu Aug 27 01:04:03 2015	(r47312)
@@ -651,8 +651,9 @@ Comment out for now until these can be v
 	  official SSL certificate that will be recognized by
 	  <application>Subversion</application> if the <filename
 	    role="package">security/ca_root_nss</filename> port is
-	  installed.  The legacy self-signed certificates are still
-	  available, but are now considered deprecated.</para>
+	  installed.  The legacy self-signed certificates and server
+	  names are still available but are deprecated and no longer
+	  supported.</para>
       </note>
 
       <para>For those without the <filename
@@ -694,6 +695,48 @@ Comment out for now until these can be v
 	or other problems, <literal>svn</literal> is the next choice,
 	with slightly faster transfers.  When neither can be used, use
 	<literal>http</literal>.</para>
+
+      <para>For those still using deprecated server names, the SHA1
+        and SHA256 fingerprints will be one of:</para>
+
+      <informaltable>
+	<tgroup cols="2">
+	  <colspec colwidth="1*"/>
+	  <colspec colwidth="1*"/>
+	  <thead>
+	    <row>
+	      <entry>Hash</entry>
+	      <entry>Fingerprint</entry>
+	    </row>
+	  </thead>
+
+	  <tbody>
+	    <row>
+	      <entry>Legacy-SHA1</entry>
+	      <entry><literal>1C:BD:85:95:11:9F:EB:75:A5:4B:C8:A3:FE:08:E4:02:73:06:1E:61</literal></entry>
+	    </row>
+
+	    <row>
+	      <entry>Legacy-SHA1</entry>
+	      <entry><literal>F6:44:AA:B9:03:89:0E:3E:8C:4D:4D:14:F0:27:E6:C7:C1:8B:17:C5</literal></entry>
+	    </row>
+
+	    <row>
+	      <entry>Legacy-SHA256</entry>
+	      <entry><literal>47:35:A9:09:A3:AB:FA:20:33:36:43:C5:1A:D6:E6:FB:EB:C0:C0:83:37:D4:46:9C:A0:AB:89:7F:C2:9C:4C:A3</literal></entry>
+	    </row>
+
+	    <row>
+	      <entry>Legacy-SHA256</entry>
+	      <entry><literal>48:3C:84:DB:7C:27:1B:FA:D5:0B:A0:D7:E0:4C:79:AA:A3:8E:A3:FA:84:E6:32:34:7D:EB:30:E6:11:01:CF:BE</literal></entry>
+	    </row>
+	  </tbody>
+	</tgroup>
+      </informaltable>
+
+      <para>If you are seeing one of these legacy certificate
+        fingerprints then it is likely you are using a deprecated
+        server name.</para>
     </sect2>
 
     <sect2>


More information about the svn-doc-all mailing list