<div dir="ltr"><div>-----BEGIN PGP SIGNED MESSAGE-----</div><div>Hash: SHA1</div><div><br></div><div>Hey gang,</div><div><br></div><div>Just a heads up for some of you that may not have been around the coders</div><div>channel when it happened, but the certificate for the SVN server has been</div>
<div>updated. We are also now using a newer non-MD5 Class 3 Root from CAcert to</div><div>avoid a long standing hack that many (in Linux at least) needed in order to use</div><div>subversion over SSL on systems with a newer neon27 GNU TLS library, which was</div>
<div>patched to not trust MD5 signed certificates.</div><div><br></div><div>For those of you that edited your ~/.subversion/servers file to add</div><div>&quot;ssl-trust-default-ca = no&quot;, you should now be able to remove that line and use</div>
<div>SVN via SSL/HTTPS normally.</div><div><br></div><div>For those wondering, here is a copy of the new fingerprint and related info:</div><div><br></div><div><span class="" style="white-space:pre">        </span>$ gnutls-cli <a href="http://svn.blender.org">svn.blender.org</a></div>
<div><span class="" style="white-space:pre">        </span>Resolving &#39;<a href="http://svn.blender.org">svn.blender.org</a>&#39;...</div><div><span class="" style="white-space:pre">        </span>Connecting to &#39;82.94.213.217:443&#39;...</div>
<div><span class="" style="white-space:pre">        </span>- Ephemeral Diffie-Hellman parameters</div><div><span class="" style="white-space:pre">        </span> - Using prime: 1024 bits</div><div><span class="" style="white-space:pre">        </span> - Secret key: 1020 bits</div>
<div><span class="" style="white-space:pre">        </span> - Peer&#39;s public key: 1017 bits</div><div><span class="" style="white-space:pre">        </span>- Certificate type: X.509</div><div><span class="" style="white-space:pre">        </span> - Got a certificate list of 2 certificates.</div>
<div><span class="" style="white-space:pre">        </span> - Certificate[0] info:</div><div><span class="" style="white-space:pre">        </span>  - subject `CN=<a href="http://svn.blender.org">svn.blender.org</a>&#39;, issuer `O=CAcert Inc.,OU=<a href="http://www.CAcert.org">http://www.CAcert.org</a>,CN=CAcert Class 3 Root&#39;, RSA key 2048 bits, signed using RSA-SHA1, activated `2013-03-29 15:39:41 UTC&#39;, expires `2015-03-29 15:39:41 UTC&#39;, SHA-1 fingerprint `7a4d4433cf42273b8f225e1c11d120e5af824d3b&#39;</div>
<div><span class="" style="white-space:pre">        </span> - Certificate[1] info:</div><div><span class="" style="white-space:pre">        </span>  - subject `O=CAcert Inc.,OU=<a href="http://www.CAcert.org">http://www.CAcert.org</a>,CN=CAcert Class 3 Root&#39;, issuer `O=Root CA,OU=<a href="http://www.cacert.org">http://www.cacert.org</a>,CN=CA Cert Signing Authority,EMAIL=<a href="mailto:support@cacert.org">support@cacert.org</a>&#39;, RSA key 4096 bits, signed using RSA-SHA256, activated `2011-05-23 17:48:02 UTC&#39;, expires `2021-05-20 17:48:02 UTC&#39;, SHA-1 fingerprint `ad7c3f64fc4439fef4e90be8f47c6cfa8aadfdce&#39;</div>
<div><span class="" style="white-space:pre">        </span>- The hostname in the certificate matches &#39;<a href="http://svn.blender.org">svn.blender.org</a>&#39;.</div><div><span class="" style="white-space:pre">        </span>- Peer&#39;s certificate issuer is unknown</div>
<div><span class="" style="white-space:pre">        </span>- Peer&#39;s certificate is NOT trusted</div><div><span class="" style="white-space:pre">        </span>- Version: TLS1.0</div><div><span class="" style="white-space:pre">        </span>- Key Exchange: DHE-RSA</div>
<div><span class="" style="white-space:pre">        </span>- Cipher: AES-128-CBC</div><div><span class="" style="white-space:pre">        </span>- MAC: SHA1</div><div><span class="" style="white-space:pre">        </span>- Compression: NULL</div>
<div><span class="" style="white-space:pre">        </span>- Handshake was completed</div><div><br></div><div><br></div><div><br></div><div>Dan</div><div>-----BEGIN PGP SIGNATURE-----</div><div>Version: GnuPG v1.4.11 (GNU/Linux)</div>
<div><br></div><div>iQIcBAEBAgAGBQJRVgKFAAoJEBERWpIPPWwUDnoP/jyHXY4KmApcJhmpzarhW8JS</div><div>Pp3/xfDA5yZ1WT26Tbo0uncQf4C+xrLg3Te6u9xC/3PQ7hPSgORyrelozxLX+kj+</div><div>9zBog42huFyBeM4QmSayoyXV5d+aAbkzn4JLE9IyZeoQurEc7GJjawI465iQdy1n</div>
<div>cxH+sB3yZojyo2kMWkvP+mXFKplLeNM1ulC3utGz+4gyfSh6VJb3/+DAoOCkgUuW</div><div>UjyeVk54YltOD0ZTtKkXJv0qsA8SkaALSul+BoxiQGtJzaulMStgT8BwpiQeJbKl</div><div>VxlVjArqk+Bg9IApXFYZVMcEWybWI6TLEowEUnnIx1bAUKuKHDRFzRivm1ojiAvM</div>
<div>Tp/e5n4oHG2e+7e0xIFLOf01OY45v65xmTNC0UCc/cpc58FezzvWjo9lNnAcq7Fu</div><div>bM1UnSrRhp6Rfm398McYwS5yp8NqvxPNt2h/hOp3QQAbK+BGg7bRqa8E1cdnwsLa</div><div>mWdcMMuaLaZzniVsmfXImO1A0+gaxJYI/mHDPJnTPZdzBgWrOY2gG9n/eEC2XxZ6</div>
<div>dcbpDhTh5Ydd62oSKrIDJIwKnRVebR1XgEr79e5nN0l/k/Nm9+LAKV6oVLgnvJy1</div><div>NICFFtX+jAV5wqsyxsAA/wdGFo88MV7e+gVbOrX+GXmdTZczmlbTqbq+PSeX3L7U</div><div>doIoZp5G0pOT/QWi1oUs</div><div>=mr1j</div><div>-----END PGP SIGNATURE-----</div>
</div>