Certificate Warnings for IETF Websites

[Glen <glen at amsl.com>]

All -

At the direction of the IETF, I have just installed new SSL certificates
on the IETF website.  These certificates were provided to us by Verisign.

Although my PCs do not complain, my Macs, and several other users' computers,
are complaining about these new certificates.  Specifically, I get a warning
that "the certificate for this website was signed by an unknown certifying
authority."

They do use an intermediate chain certificate, and I do have that certificate
installed and configured as well, so I'm not sure what the issue is.

I've sent email to Verisign to ask them what the problem might be, and I'm
sure we'll get clarification within the next day or so.

In the meantime, you may wish to ignore these warnings and continue on.

The certificate serial number we are using is:
01 C8 AD B8 C0 E5 15 B4 31 7B F5 DC 27 34 C6 9A

The SHA1 fingerprint is:
B7 7C 38 E6 E4 E0 E0 6F EB 42 8A AD 86 32 3F FB F6 62 68 45

The MD5 fingerprint is:
E2 DA 09 86 53 4E E8 EA 08 EA 2B CD F9 09 BA 7F

And the certificate expires:
Wednesday, August 25, 2010, at 4:59:59 PM PT

You may wish to add this certificate to your custom trust chain.

And, as I said, we expect that we'll get a quick resolution to this issue
from Verisign.

Glen Barney
IT Director
AMS (IETF Secretariat)