Hello,

as previously anticipated on debian-devel[1], and since nobody stepped
up for its maintenance, I am going to take sso.debian.org offline by the
end of March 2023, after 9 years of honored service.

Sites working with sso.debian.org certificates have until that time to
fix their configuration[2], since taking sso.debian.org offline will
take its CRL publishing endpoint also offline.

I would welcome better single sign-on systems for Debian than Salsa, and sso.debian.org is not it. I'll do my part in taking it offline, and I
welcome others to do their part in spinning up something better.


Enrico

[1] https://lists.debian.org/debian-devel/2022/10/msg00223.html
[2] I have not checked if sso.debian.org could be used to craft
malicious certificates, nor if any of the current servers supporting
client cert login are running on OpenSSL 3. However, today's
disclosed vulnerability, which can be exploited via client
authentication[3], can be a good incentive to go check your web
server configurations :)
[3] https://www.openssl.org/news/vulnerabilities.html
--
GPG key: 4096R/634F4BD1E7AD5568 2009-05-08 Enrico Zini <enrico@enricozini.org>

-----BEGIN PGP SIGNATURE-----

iQIzBAABCAAdFiEEJJAhGtA2CH5tHZqS0P9Jy+P0+2gFAmNhT0YACgkQ0P9Jy+P0 +2iN2Q/+ITU7hOzIw01UMLHE/jPr46hHgkmJV8QTrbTnI0seECgsBq8K+8T0y1nf DWuXhM7msf/gpseDcjTW331FmP26rpE13rtHZnEdwNgsEalSG85RHR+wSWtY/mXe gyfMgE2BU2yuNwTvEl1V6hxiT9XVu8BnVSZ5ta10PaAee28hlQFzK1HFOKehC8vN pClGcnCc9BN8NuH0d6IuABzyyoHRDilY9D9jXTbbJFV7G74rTHKcNMJLDTbWKCvE b0jgTuszowMKihbNQMpCN1ZUxAuzpBzQSAJnkb2ZEN5wt6ZgsFL8vuFLADzbgk/m qrrlZRndalypZJOSO/GwEP/3iFX0rfhbVn5Qra1F/1JKiNYCAPGHTwCTV3dQgRBM AcFqHr6IOuwMTuTto3LaGTcpZV7IEcT9OZJL1fWxcg4WwTb3gCW8+Xgjva5VG5zZ gJKViT6hQQ9JsEb/qrPP4iZLVVDFi6R95ptoDKFoUTY9GgTcg4MEep58vKekFhr5 aPYkartstT3A+m95AAP2SzABGp6NKI+ad6pwp3/avFfaQ15mWB0P5t80oWROKtMe BmrXW3FDMEVa5uMTQPi7AeWVLNfr3zu7Jgjtba/pV8c2Q6lJ2xNgMdnA78QepsDR JP1YrdxU7P/c0li7Ucn0sdEfSXbUK35CdSGxO1OiQxIUUpTPheQ=
=qaBE
-----END PGP SIGNATURE-----

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)