"intentionally-vulnerable" in your quote referrs to the intentions of Cloudflare in installing Nginx on top of a vulnerable Openssl installation.
No, I just scanned through it looking for hints on what the ca subject might be. Now I have however and I have to admit it still isn't clear to me from the article that this is not a common ca or whatever we should call them.
I can't find any certificate that looks like this on Centos 6 either.
Just asked a collegue to check his windows machine for any ca certificates named anything with Gemnet or KPN, no matches there either.
Ok, so this Ca is already not included in Debian?
I can't find anything about it in the changelog for the ca-certificates package.
So the first question I expected t.f.a. to answer:
What is the subject name of this Ca so I can remove it from my list of "trusted" Cas?
Link to Original Source
... anywhere else that thing is going to collect colossal amounts of dust.