On Sep 23, 2011, at 12:21 PM, m.roth at 5-cent.us wrote: > The one thing I don't understand is this: AFAIK, apache release not a > server update, but an update to the certificate chain, yanking Digitar's > CA. This isn't a binary compatibility issue, it's, as we said when I was > programming, just data. Can't that be pushed through, or are there code > updates in addition? ---- the Apache update has nothing whatsoever to do with issues presented by the (now defunct) DigiNotar Certificate Authority. That would be handled by updates to browser applications and/or OS Root Certificate store (ca-certificates) which is significant if you have users on the system but again, this all has nothing to do with security updates released for apache (httpd) Craig